last executing test programs:

1m26.726467724s ago: executing program 1 (id=603):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0500000000e0ffffffffffff", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r0], 0x48}}, 0x0)

1m25.706308017s ago: executing program 1 (id=607):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010000304ffffffff0000000000000400", @ANYRES32=0x0, @ANYBLOB="0003000002800000140012800a00010069706f696200000004000280080005"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (fail_nth: 1)

1m24.84937533s ago: executing program 1 (id=608):
r0 = syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979e29857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37ceff9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734f87da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bbf8ab9c691841ab0931d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f080091c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efde0142cf90ff668b9757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c2f56855b18f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e0cbed29faef19c0082e26fb867bf0ff0099d71bb0d2f443e77a44e8c4b0455d95b19c73ef4c98f775aad9e1b317b3cc48f7ad1d82ea6ad6c3c7d943fb0157c250e2ba56301e25c19a7e37ce880bed8a8e1538560f2be7d4cca6539277505826bd61bad2bcd4914344d4a27b29d2eb89bdc7a702e485d68c04e8f6b05336bf8d8e116605eaf375a592fe2382763c3cba76a0e4029dad5d37dd77abb1b7d2e2de23a4131e45ed81123ad6fa4f8b92c47e00000000000000774c"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x46, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0050000000100008877fbac141416e000030a89079f03b1800007150511e0845013f2325f004408050b038da1880b25181aa59d943be3", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsmount(0xffffffffffffffff, 0x0, 0x9)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000024940ac30000000000000000000000000000000003000000"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, &(0x7f0000000280), &(0x7f0000000000)=""/3, 0x2}, 0x20)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
readv(r3, &(0x7f0000000080)=[{&(0x7f0000000400)=""/216, 0xd8}], 0x1)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000010c0)={{r2}, &(0x7f0000001040), &(0x7f0000001080)=r1}, 0x20)
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x90, 0x2b, 0x80, 0x10, 0xbb4, 0xa7e, 0x60c4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x45, 0x2, 0x2, 0xfb, 0xd4, 0x3, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x81, 0x2, 0x40, 0x0, 0x3d, 0x1}}]}}]}}]}}, 0x0)
pipe(&(0x7f0000000480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f00000000c0)=[{&(0x7f00000010c0)="9c", 0x1}], 0x1, 0x6)
r6 = socket$inet6(0xa, 0x3, 0x3c)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f00)=ANY=[@ANYRES16=r6], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140ff"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x3, &(0x7f0000000580)=@framed={{0x18, 0x5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)
r8 = socket$netlink(0x10, 0x3, 0x9)
splice(r4, 0x0, r8, 0x0, 0x10d00, 0xf)
ioctl$EVIOCSCLOCKID(r0, 0x40084504, &(0x7f0000ffcffc))

1m19.082398503s ago: executing program 1 (id=619):
r0 = socket$kcm(0xa, 0x2, 0x73)
setuid(0xee01)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0", 0xc00}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3b, 0xc9000000}}, @ip_tos_u8={{0x11, 0x29, 0x37}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x50}, 0x0)

1m17.315812248s ago: executing program 1 (id=621):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000480)=ANY=[], 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$l2tp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x200, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x20048801}, 0x4400c084)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000840))
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x40000000040201, 0x0)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0884113, &(0x7f0000000380)={0x1, 0x20, 0xfffffd0a, 0x10001, 0x0, 0xfffffffffdfffffb, 0x400, 0x0, 0xfbfffffffffffffd, 0xfffffffffffffffd, 0xffffffbb, 0x1})

1m14.616247428s ago: executing program 1 (id=623):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000000))
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x3c00)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
syz_io_uring_setup(0x408f00, &(0x7f0000000080)={0x0, 0x591e, 0x10000, 0x2, 0x3cc, 0x0, 0x0}, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000000)={0xeeee8000, 0x4000, 0x1})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0xf5ff, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

58.994155721s ago: executing program 32 (id=623):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000000))
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x3c00)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
syz_io_uring_setup(0x408f00, &(0x7f0000000080)={0x0, 0x591e, 0x10000, 0x2, 0x3cc, 0x0, 0x0}, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000000)={0xeeee8000, 0x4000, 0x1})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0xf5ff, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

52.302491822s ago: executing program 3 (id=655):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f00000006c0)=[{{&(0x7f0000000000)={0xa, 0x40, 0x0, @private0={0xfc, 0x0, '\x00', 0xfe}}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000080)="18", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r1, 0x1)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000180)={0x8, 0xfff4, 0x200, 0x1, 0x2, 0x2, 0x9, 0x2}, 0x0)

51.630716859s ago: executing program 3 (id=658):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRES16=r1], 0x48)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, 0x0, 0x0)
sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0500000000e0ffffffffffff", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r2], 0x48}}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r6 = syz_io_uring_setup(0xb05, &(0x7f0000000480)={0x0, 0xa795, 0x0, 0x0, 0x2f5}, &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1, {0x0, r9}})
io_uring_enter(r6, 0x47be, 0x1, 0x0, 0x0, 0x0)

45.331348481s ago: executing program 3 (id=665):
r0 = socket$kcm(0xa, 0x2, 0x73)
setuid(0xee01)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412", 0xe00}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3b, 0xc9000000}}, @ip_tos_u8={{0x11, 0x29, 0x37}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x50}, 0x0)

41.045701945s ago: executing program 3 (id=667):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0500000000e0ffffffffffff", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r0], 0x48}}, 0x0)

38.107672255s ago: executing program 3 (id=672):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000100)={0x7, 0x101, 0x1})
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000050002000000000020000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000040c00098008000140ff"], 0x90}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='tra\as=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',\x00'])
write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065fffffc7f00000800395032303030"], 0x41)
fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000140)=0x1)

36.193041132s ago: executing program 3 (id=676):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'syztnl0\x00', &(0x7f00000005c0)={'syztnl2\x00', <r1=>0x0, 0x29, 0x73, 0x40, 0xe921, 0x10, @ipv4={'\x00', '\xff\xff', @multicast1}, @private2, 0x80, 0x8, 0x5bea6a18, 0x98b}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x10, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x2}, [@generic={0x9, 0x9, 0x1, 0x7ff, 0x8be}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, @generic={0x6c, 0x0, 0x2, 0x2, 0xfffffffb}, @alu={0x4, 0x0, 0xd, 0x7, 0x7, 0xfffffffffffffffe, 0x4}]}, &(0x7f00000000c0)='GPL\x00', 0x2, 0x67, &(0x7f0000000300)=""/103, 0x41100, 0x4d, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xa, 0x9, 0xfff}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000640)=[{0x3, 0x3, 0x4, 0x6}, {0x2, 0x3, 0xe, 0x8}, {0x0, 0x5, 0x2, 0x1}, {0x1, 0x2, 0x4, 0xb}], 0x10, 0x4}, 0x94) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x101800, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) (async)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0)
open_by_handle_at(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0c00000001"], 0x408100)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f0000000280)={0x79, 0x0, 0x5}) (async)
r7 = eventfd2(0x180, 0x0)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={r7})
writev(r7, &(0x7f0000001140)=[{&(0x7f0000001040)="373ab3bab5c31e1c", 0x8}], 0x1) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000580)={'veth0_to_team\x00', <r9=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r0, r9, 0x25, 0x0, @void}, 0x10) (async, rerun: 32)
r10 = socket(0x10, 0x803, 0x0) (rerun: 32)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x4, 0x2, 0x1}}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1802000040000000080000000300000085000000000000000080ab8b00000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)

36.19232157s ago: executing program 0 (id=677):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, 0x0, 0x0)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x200484d}, 0x8000)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4c050)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'ip6tnl0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x2000000}, 0x1c)
syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0b040000000000000006020000000900010073797a30000000000900020073797a320000000005000740c500000018000480140001800b0001007470726f7879"], 0x74}}, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x900, 0x12)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x304}, "0587a06a93f2aad4", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
connect$llc(0xffffffffffffffff, 0x0, 0x0)
pipe2$watch_queue(&(0x7f00000000c0)={<r6=>0xffffffffffffffff}, 0x80)
r7 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r6, 0x39)
syz_open_dev$evdev(&(0x7f0000000100), 0x1000, 0x10800)

35.263809145s ago: executing program 0 (id=680):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0x40}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000000000008d}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x1042, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00'})
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_io_uring_setup(0x3e1e, &(0x7f0000000200)={0x0, 0x80009e3a, 0x80, 0x2, 0x1bd}, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

29.63365049s ago: executing program 0 (id=682):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0500000000e0ffffffffffff", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r0], 0x48}}, 0x0)

28.990466179s ago: executing program 0 (id=683):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000030601030000000008000000000000000500010007000000"], 0x1c}}, 0x0) (fail_nth: 1)

28.976394437s ago: executing program 4 (id=684):
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x5, 0x8, 0xf}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000c40)={{r0}, &(0x7f0000000bc0), &(0x7f0000000c00)=r1}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840)={r1}, 0xc)
mknod(&(0x7f0000000140)='./file0\x00', 0x41, 0x28000)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x290d010, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xfc303, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x101, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r3, 0xc0040d07, &(0x7f0000000040)=0x121)
write$P9_RSTATu(r2, &(0x7f0000000780)=ANY=[@ANYBLOB="b90300000200000005e6000005040000000000000000000000000000000000008103000000000800000008000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b92000000380070673effeb09b5351f5bde054000000000187b8200b500002b595fcb14034354b9fd9ef196a51cd5157adc8103b494e100000000000000001800080001818c599cb95f82e2160a6a50c4ed5065689a2a88894800f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c3a8529a451b3407db0600884baf05"], 0x3b9)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x86022, &(0x7f0000000040)=ANY=[@ANYBLOB="f8095f696e6f6475733d352c6e725f626c6f636b733d652c00"])
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x40f, &(0x7f0000000000)={0x0, 0x3})
mount$nfs4(&(0x7f00000001c0)='\\^\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x1010004, &(0x7f0000000400)=ANY=[@ANYBLOB="2f6465762f73657175656e000000002c66756e63cdbbdd8a868e148f00000000d0364ff8449f211e0000"])

28.048289966s ago: executing program 0 (id=685):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680), 0x8)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x10200, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000000c0), 0x0}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$inet(r3, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r4)

26.907341022s ago: executing program 0 (id=687):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010102, 0x4e22, 0x3, 'wrr\x00', 0x1, 0x80005, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x16}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)}, 0x40048c4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000240)={0x0, 0x0, 0x300f})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
gettid()
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xa00, 0x100)
openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x200080, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

26.759223526s ago: executing program 4 (id=688):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000200304306000000000000109022400ee05e721321aaa1700"], 0x0)

24.042866922s ago: executing program 4 (id=690):
futex(0xfffffffffffffffd, 0x4, 0x2, 0x0, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200), 0xa8001, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000280), 0x1004404, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000040)=r8, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000000200)={@broadcast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x2, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x9}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x2000004, 0x0, 0x0, 0x1f00, 0x39, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x200008, 0x5, 0x20000}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r6], 0x4c}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

22.397557551s ago: executing program 4 (id=691):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0x140)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(r2, &(0x7f0000000c40)=ANY=[], 0x13)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x7], &(0x7f0000000380), 0x0, 0x1}}, 0x40)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r5, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x1, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000002000)=""/102400, 0x19000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r9=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)

19.801290118s ago: executing program 33 (id=676):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'syztnl0\x00', &(0x7f00000005c0)={'syztnl2\x00', <r1=>0x0, 0x29, 0x73, 0x40, 0xe921, 0x10, @ipv4={'\x00', '\xff\xff', @multicast1}, @private2, 0x80, 0x8, 0x5bea6a18, 0x98b}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x10, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x2}, [@generic={0x9, 0x9, 0x1, 0x7ff, 0x8be}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xd}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, @generic={0x6c, 0x0, 0x2, 0x2, 0xfffffffb}, @alu={0x4, 0x0, 0xd, 0x7, 0x7, 0xfffffffffffffffe, 0x4}]}, &(0x7f00000000c0)='GPL\x00', 0x2, 0x67, &(0x7f0000000300)=""/103, 0x41100, 0x4d, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0xa, 0x9, 0xfff}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000640)=[{0x3, 0x3, 0x4, 0x6}, {0x2, 0x3, 0xe, 0x8}, {0x0, 0x5, 0x2, 0x1}, {0x1, 0x2, 0x4, 0xb}], 0x10, 0x4}, 0x94) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x101800, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) (async)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0)
open_by_handle_at(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0c00000001"], 0x408100)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f0000000280)={0x79, 0x0, 0x5}) (async)
r7 = eventfd2(0x180, 0x0)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={r7})
writev(r7, &(0x7f0000001140)=[{&(0x7f0000001040)="373ab3bab5c31e1c", 0x8}], 0x1) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000580)={'veth0_to_team\x00', <r9=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r0, r9, 0x25, 0x0, @void}, 0x10) (async, rerun: 32)
r10 = socket(0x10, 0x803, 0x0) (rerun: 32)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x4, 0x2, 0x1}}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1802000040000000080000000300000085000000000000000080ab8b00000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)

18.966922487s ago: executing program 4 (id=694):
r0 = socket$inet(0x2, 0x803, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0xe803, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
fdatasync(0xffffffffffffffff)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$bt_sco(r1, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000000040), 0xa9, 0x10100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x61)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0xb001, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0xc000, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2)
getpid()
socket$unix(0x1, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r3 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x2, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
r4 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='8', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)

14.543665327s ago: executing program 2 (id=696):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close(0x3)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'sit0\x00', <r3=>0x0})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f00000004c0)={'syz0\x00', {0xac, 0x7, 0x4, 0x4}, 0x27, [0x4, 0x4, 0x5, 0x7ff, 0xc, 0xc, 0x80000000, 0x7fff, 0xfffff5e2, 0x3, 0x1, 0xfffffff7, 0x1, 0x1, 0x8, 0x3, 0x9, 0x1, 0x8000, 0x266, 0x3b60, 0x6, 0x40, 0x6, 0x81, 0xcc03, 0x6, 0x9, 0xf1d, 0x1, 0x152, 0x10000, 0x8, 0x6, 0x10001, 0x280, 0x4ad, 0xfffffffb, 0x6, 0x7ff, 0x0, 0x5, 0x3ff, 0x7ff, 0x7fffffff, 0x2, 0x6, 0x9, 0xfffffff7, 0x1, 0x7, 0x4, 0x2, 0x0, 0x0, 0x2, 0x8, 0x0, 0x9, 0x6, 0x0, 0x7, 0x2, 0xffffffc0], [0x9, 0x3, 0x6, 0x4, 0xffffffff, 0x3ff, 0xc051, 0x8, 0xffffffff, 0xa2a, 0x5, 0x8, 0x1, 0x200, 0xa000, 0x9, 0x8000, 0x80000000, 0x6960d185, 0x8, 0x2, 0x7fff, 0x401, 0x5, 0x9, 0x8001, 0x82, 0x81, 0x400, 0x3, 0xfffffffd, 0x7625eed8, 0xf, 0x4, 0x0, 0x9, 0x2, 0xef4, 0xffffffff, 0x8001, 0x200, 0x3, 0x9, 0x4, 0x8, 0x4, 0x3, 0x1, 0xb, 0x4691, 0x9, 0x97a, 0x1, 0x2, 0x0, 0x6, 0x7, 0x7, 0x7ff, 0x7, 0x9, 0x8, 0x2eda, 0x6], [0x8, 0x5, 0x200, 0x5, 0xbc10, 0x3, 0x80, 0x8, 0x1dde, 0x43, 0x9, 0xf3, 0x80, 0x5, 0x5, 0x0, 0xc, 0x5, 0x1, 0xffff7007, 0x2, 0x34c20da4, 0xdeb, 0x1ff, 0xa86, 0x5, 0x3, 0x9, 0x40ae, 0x5, 0xfffffff9, 0x8, 0x0, 0x0, 0xfffffffe, 0xc, 0x80, 0x0, 0x939f, 0x5, 0x54072b3f, 0x1, 0x39b5ad0e, 0x2, 0x20bc7f9a, 0x8, 0x9, 0x4, 0x6, 0x5, 0xfffffffb, 0xfbb, 0x9, 0x8b, 0x5, 0xf2, 0x14, 0x5, 0xfffff92e, 0x8, 0x2, 0xffffff56, 0x81, 0x80], [0x25, 0x10, 0x0, 0x140000, 0xfffffc01, 0x3, 0xfff, 0x3, 0x1, 0x0, 0x3, 0xfffffffd, 0x81, 0xe70, 0x9, 0x200, 0x7, 0xfffffffa, 0x3, 0x6, 0xb21a, 0x5, 0x4, 0x1ff, 0x4, 0xe, 0x0, 0x1, 0x9, 0x9, 0x7ff, 0x6, 0x2e, 0x0, 0x9, 0xa, 0x3, 0x4, 0xe1a, 0x0, 0x5, 0x1, 0x6, 0x4, 0xc7, 0x8, 0x8, 0x7, 0x2, 0x1, 0x5, 0x81, 0x0, 0x7, 0x0, 0x8, 0x8, 0x1d, 0x20000, 0x9, 0x6, 0xfffffffc, 0x5]}, 0x45c)
ioctl$KDSIGACCEPT(r4, 0x5607, 0x2c)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r6, 0x28, 0x0, 0x0, &(0x7f0000000600))
ioctl$VT_RESIZE(r4, 0x5609, 0x0)
ioctl$TIOCL_BLANKSCREEN(r4, 0x541c, &(0x7f0000000100))
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r9 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0)
ioctl$KDGETMODE(r4, 0x4b3b, &(0x7f0000000040))
creat(&(0x7f00000034c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1ef)

12.593800314s ago: executing program 4 (id=697):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x7, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff, 0x0, '\x00', 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12.361130153s ago: executing program 2 (id=698):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000100)={0x7, 0x101, 0x1})
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000050002000000000020000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000040c00098008000140ff"], 0x90}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='tra\as=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',\x00'])
write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065fffffc7f00000800395032303030"], 0x41)
fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000140)=0x1)

11.092177087s ago: executing program 34 (id=687):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010102, 0x4e22, 0x3, 'wrr\x00', 0x1, 0x80005, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x16}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)}, 0x40048c4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000240)={0x0, 0x0, 0x300f})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
gettid()
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xa00, 0x100)
openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x200080, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

10.637108658s ago: executing program 2 (id=700):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0x40}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000000000008d}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x1042, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00'})
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_io_uring_setup(0x3e1e, &(0x7f0000000200)={0x0, 0x80009e3a, 0x80, 0x2, 0x1bd}, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

7.723717038s ago: executing program 2 (id=701):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
execveat$binfmt(0xffffffffffffffff, 0x0, &(0x7f0000000580)={[&(0x7f0000000300)='autofs\x00', &(0x7f0000000380)='\x00', 0x0, 0x0]}, 0x0, 0x1000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
connect$netlink(r0, &(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfb}, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x106}, 0x1c)

3.36775678s ago: executing program 2 (id=702):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="021800001c000000000000000000000005000600000000000a00000000000000000000000000000000000000000000000000000000000000020012000000000000000000fcffffff0600ff0000000000000000000000000000000000000000000000000001000000fe8000000000002100000000000000bb050005002b0000000a00000000000000fc0100000002000000020000000000000000000000000000080019"], 0xe0}}, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x2000004, 0x0, 0x0, 0x1f00, 0x39, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x200008, 0x5, 0x20000}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r6], 0x4c}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x60, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xb5}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x7f0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

0s ago: executing program 2 (id=703):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0x40}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000000000008d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x1042, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00'})
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
syz_io_uring_setup(0x3e1e, &(0x7f0000000200)={0x0, 0x80009e3a, 0x80, 0x2, 0x1bd}, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x79, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet(r4, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000280)}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

kernel console output (not intermixed with test programs):

367 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x7ffc0000
[  143.910367][   T37] audit: type=1326 audit(1766922728.084:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x7ffc0000
[  143.910405][   T37] audit: type=1326 audit(1766922728.084:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f698c3df749 code=0x7ffc0000
[  151.720161][  T805] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  151.870210][  T805] usb 5-1: Using ep0 maxpacket: 8
[  151.872913][  T805] usb 5-1: unable to get BOS descriptor or descriptor too short
[  151.874454][  T805] usb 5-1: config 160 has an invalid interface number: 218 but max is 0
[  151.874480][  T805] usb 5-1: config 160 has no interface number 0
[  151.874514][  T805] usb 5-1: config 160 interface 218 has no altsetting 0
[  151.889105][  T805] usb 5-1: string descriptor 0 read error: -22
[  151.889271][  T805] usb 5-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=3b.da
[  151.889297][  T805] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.249778][  T805] f81534a_ctrl 5-1:160.218: failed to set register 0x116: -5
[  152.249805][  T805] f81534a_ctrl 5-1:160.218: failed to enable ports: -5
[  152.249842][  T805] f81534a_ctrl 5-1:160.218: probe with driver f81534a_ctrl failed with error -5
[  152.326257][  T805] usb 5-1: USB disconnect, device number 6
[  153.870389][ T5910] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  154.040361][ T5910] usb 2-1: Using ep0 maxpacket: 8
[  154.042233][ T5910] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  154.042286][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  154.042315][ T5910] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  154.042341][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  154.042368][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  154.043459][ T5910] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  154.043510][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  154.043539][ T5910] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  154.043564][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  154.043589][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  154.044672][ T5910] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  154.044720][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  154.044747][ T5910] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  154.044772][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  154.044798][ T5910] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  154.048077][ T5910] usb 2-1: string descriptor 0 read error: -22
[  154.048205][ T5910] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  154.048228][ T5910] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.097313][ T5910] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  155.379612][   T37] kauditd_printk_skb: 93 callbacks suppressed
[  155.379631][   T37] audit: type=1326 audit(1766922739.044:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6440 comm="syz.3.172" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca0892f749 code=0x0
[  155.667712][ T6449] netlink: 88 bytes leftover after parsing attributes in process `syz.2.174'.
[  155.677771][ T6447] FAULT_INJECTION: forcing a failure.
[  155.677771][ T6447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.677803][ T6447] CPU: 1 UID: 0 PID: 6447 Comm: syz.4.167 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  155.677824][ T6447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  155.677836][ T6447] Call Trace:
[  155.677843][ T6447]  <TASK>
[  155.677851][ T6447]  dump_stack_lvl+0xe8/0x150
[  155.677878][ T6447]  should_fail_ex+0x46c/0x600
[  155.677906][ T6447]  _copy_from_user+0x2d/0xb0
[  155.677925][ T6447]  ___sys_recvmsg+0x12e/0x510
[  155.677947][ T6447]  ? get_pid_task+0x20/0x1f0
[  155.677968][ T6447]  ? get_pid_task+0x20/0x1f0
[  155.677995][ T6447]  ? __pfx____sys_recvmsg+0x10/0x10
[  155.678021][ T6447]  ? __fget_files+0x2a/0x420
[  155.678065][ T6447]  ? __fget_files+0x3a6/0x420
[  155.678094][ T6447]  __x64_sys_recvmsg+0x19e/0x260
[  155.678119][ T6447]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  155.678151][ T6447]  ? __pfx_ksys_write+0x10/0x10
[  155.678185][ T6447]  do_syscall_64+0xec/0xf80
[  155.678203][ T6447]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.678219][ T6447]  ? trace_irq_disable+0x37/0x100
[  155.678236][ T6447]  ? clear_bhb_loop+0x60/0xb0
[  155.678257][ T6447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.678274][ T6447] RIP: 0033:0x7f4cc11ff749
[  155.678290][ T6447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.678304][ T6447] RSP: 002b:00007f4cbf445038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  155.678323][ T6447] RAX: ffffffffffffffda RBX: 00007f4cc1456090 RCX: 00007f4cc11ff749
[  155.678337][ T6447] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000006
[  155.678348][ T6447] RBP: 00007f4cbf445090 R08: 0000000000000000 R09: 0000000000000000
[  155.678359][ T6447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.678369][ T6447] R13: 00007f4cc1456128 R14: 00007f4cc1456090 R15: 00007ffceac63018
[  155.678399][ T6447]  </TASK>
[  156.890264][   T31] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  157.064616][   T31] usb 5-1: Using ep0 maxpacket: 16
[  157.076459][   T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.076493][   T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.076516][   T31] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  157.076558][   T31] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  157.076581][   T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.141870][   T31] usb 5-1: config 0 descriptor??
[  157.304684][ T6005] usb 2-1: USB disconnect, device number 9
[  158.170932][ T6476] FAULT_INJECTION: forcing a failure.
[  158.170932][ T6476] name failslab, interval 1, probability 0, space 0, times 0
[  158.170965][ T6476] CPU: 0 UID: 0 PID: 6476 Comm: syz.2.181 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  158.170986][ T6476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  158.170997][ T6476] Call Trace:
[  158.171004][ T6476]  <TASK>
[  158.171016][ T6476]  dump_stack_lvl+0xe8/0x150
[  158.171044][ T6476]  should_fail_ex+0x46c/0x600
[  158.171071][ T6476]  ? create_new_namespaces+0x33/0x6a0
[  158.171091][ T6476]  should_failslab+0xa8/0x100
[  158.171110][ T6476]  ? create_new_namespaces+0x33/0x6a0
[  158.171127][ T6476]  kmem_cache_alloc_noprof+0x84/0x6c0
[  158.171150][ T6476]  ? vfs_write+0x965/0xb40
[  158.171179][ T6476]  create_new_namespaces+0x33/0x6a0
[  158.171201][ T6476]  ? bpf_lsm_capable+0x9/0x20
[  158.171219][ T6476]  ? security_capable+0x7e/0x2e0
[  158.171243][ T6476]  unshare_nsproxy_namespaces+0x11c/0x170
[  158.171266][ T6476]  ksys_unshare+0x4c8/0x8c0
[  158.171295][ T6476]  ? __pfx_ksys_unshare+0x10/0x10
[  158.171318][ T6476]  ? __pfx_ksys_write+0x10/0x10
[  158.171350][ T6476]  __x64_sys_unshare+0x38/0x50
[  158.171373][ T6476]  do_syscall_64+0xec/0xf80
[  158.171391][ T6476]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.171408][ T6476]  ? trace_irq_disable+0x37/0x100
[  158.171427][ T6476]  ? clear_bhb_loop+0x60/0xb0
[  158.171448][ T6476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.171466][ T6476] RIP: 0033:0x7f50dabef749
[  158.171482][ T6476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.171497][ T6476] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  158.171517][ T6476] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  158.171531][ T6476] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000028020480
[  158.171542][ T6476] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  158.171554][ T6476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.171565][ T6476] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  158.171594][ T6476]  </TASK>
[  158.462413][   T31] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  158.462450][   T31] microsoft 0003:045E:07DA.0001: no inputs found
[  158.462463][   T31] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway
[  158.552740][   T31] usb 5-1: USB disconnect, device number 7
[  158.979045][ T6484] fido_id[6484]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  159.642187][   T31] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  160.009197][   T31] usb 3-1: device descriptor read/64, error -71
[  160.011178][ T6495] uprobe: +}[@:6495 failed to unregister, leaking uprobe
[  160.329955][   T31] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  160.540227][   T31] usb 3-1: device descriptor read/64, error -71
[  160.651641][   T31] usb usb3-port1: attempt power cycle
[  161.001300][   T31] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  161.022863][   T31] usb 3-1: device descriptor read/8, error -71
[  161.190312][ T6005] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  161.260270][   T31] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  161.280924][   T31] usb 3-1: device descriptor read/8, error -71
[  161.343173][ T6005] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.343209][ T6005] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.343232][ T6005] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  161.343274][ T6005] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  161.343298][ T6005] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.350981][ T6005] usb 1-1: config 0 descriptor??
[  161.488750][   T31] usb usb3-port1: unable to enumerate USB device
[  161.874055][ T6522] netlink: 40 bytes leftover after parsing attributes in process `syz.3.196'.
[  161.956509][ T6005] usbhid 1-1:0.0: can't add hid device: -32
[  161.958386][ T6005] usbhid 1-1:0.0: probe with driver usbhid failed with error -32
[  162.065535][ T6516] overlayfs: workdir and upperdir must reside under the same mount
[  162.067801][ T6517] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  162.098116][   T31] usb 1-1: USB disconnect, device number 5
[  164.234804][ T6545] tmpfs: Unknown parameter 'ø	_inodus'
[  164.248058][ T6545] nfs4: Unknown parameter '/dev/sequen'
[  165.572849][ T6557] Illegal XDP return value 38 on prog  (id 35) dev N/A, expect packet loss!
[  165.899298][ T6566] FAULT_INJECTION: forcing a failure.
[  165.899298][ T6566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.899332][ T6566] CPU: 0 UID: 0 PID: 6566 Comm: syz.4.210 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  165.899363][ T6566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  165.899375][ T6566] Call Trace:
[  165.899382][ T6566]  <TASK>
[  165.899391][ T6566]  dump_stack_lvl+0xe8/0x150
[  165.899420][ T6566]  should_fail_ex+0x46c/0x600
[  165.899450][ T6566]  strncpy_from_user+0x36/0x2c0
[  165.899476][ T6566]  path_getxattrat+0x122/0x400
[  165.899509][ T6566]  ? __pfx_path_getxattrat+0x10/0x10
[  165.899557][ T6566]  ? __pfx_ksys_write+0x10/0x10
[  165.899593][ T6566]  do_syscall_64+0xec/0xf80
[  165.899612][ T6566]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.899630][ T6566]  ? trace_irq_disable+0x37/0x100
[  165.899650][ T6566]  ? clear_bhb_loop+0x60/0xb0
[  165.899671][ T6566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.899688][ T6566] RIP: 0033:0x7f4cc11ff749
[  165.899704][ T6566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.899719][ T6566] RSP: 002b:00007f4cbf445038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c1
[  165.899738][ T6566] RAX: ffffffffffffffda RBX: 00007f4cc1456090 RCX: 00007f4cc11ff749
[  165.899752][ T6566] RDX: 0000000000000000 RSI: 0000200000001500 RDI: ffffffffffffffff
[  165.899763][ T6566] RBP: 00007f4cbf445090 R08: 0000000000000000 R09: 0000000000000000
[  165.899775][ T6566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.899786][ T6566] R13: 00007f4cc1456128 R14: 00007f4cc1456090 R15: 00007ffceac63018
[  165.899817][ T6566]  </TASK>
[  167.330230][   T37] audit: type=1326 audit(1766922751.554:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6570 comm="syz.1.215" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x0
[  169.230287][ T5952] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  169.550194][ T5952] usb 3-1: Using ep0 maxpacket: 32
[  169.552950][ T5952] usb 3-1: config 5 has too many interfaces: 238, using maximum allowed: 32
[  169.552977][ T5952] usb 3-1: config 5 descriptor has 1 excess byte, ignoring
[  169.552996][ T5952] usb 3-1: config 5 has 0 interfaces, different from the descriptor's value: 238
[  169.553032][ T5952] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  169.553055][ T5952] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.854123][ T5952] usb 3-1: string descriptor 0 read error: -71
[  169.870575][ T5952] usb 3-1: USB disconnect, device number 10
[  169.954422][ T6603] FAULT_INJECTION: forcing a failure.
[  169.954422][ T6603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.954454][ T6603] CPU: 1 UID: 0 PID: 6603 Comm: syz.0.224 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  169.954475][ T6603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  169.954487][ T6603] Call Trace:
[  169.954494][ T6603]  <TASK>
[  169.954502][ T6603]  dump_stack_lvl+0xe8/0x150
[  169.954532][ T6603]  should_fail_ex+0x46c/0x600
[  169.954560][ T6603]  _copy_from_user+0x2d/0xb0
[  169.954579][ T6603]  ___sys_sendmsg+0x158/0x2a0
[  169.954604][ T6603]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.954656][ T6603]  ? __fget_files+0x2a/0x420
[  169.954674][ T6603]  ? __fget_files+0x3a6/0x420
[  169.954701][ T6603]  __x64_sys_sendmsg+0x1a1/0x260
[  169.954724][ T6603]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  169.954754][ T6603]  ? __pfx_ksys_write+0x10/0x10
[  169.954788][ T6603]  do_syscall_64+0xec/0xf80
[  169.954806][ T6603]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.954824][ T6603]  ? trace_irq_disable+0x37/0x100
[  169.954851][ T6603]  ? clear_bhb_loop+0x60/0xb0
[  169.954873][ T6603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.954891][ T6603] RIP: 0033:0x7f275fdaf749
[  169.954907][ T6603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.954921][ T6603] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.954941][ T6603] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  169.954954][ T6603] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000003
[  169.954965][ T6603] RBP: 00007f275e016090 R08: 0000000000000000 R09: 0000000000000000
[  169.954977][ T6603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.954988][ T6603] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  169.955018][ T6603]  </TASK>
[  170.508169][ T6609] FAULT_INJECTION: forcing a failure.
[  170.508169][ T6609] name failslab, interval 1, probability 0, space 0, times 0
[  170.508475][ T6609] CPU: 0 UID: 0 PID: 6609 Comm: syz.0.227 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  170.508498][ T6609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  170.508510][ T6609] Call Trace:
[  170.508517][ T6609]  <TASK>
[  170.508527][ T6609]  dump_stack_lvl+0xe8/0x150
[  170.508557][ T6609]  should_fail_ex+0x46c/0x600
[  170.508588][ T6609]  should_failslab+0xa8/0x100
[  170.508608][ T6609]  __kvmalloc_node_noprof+0x181/0x940
[  170.508635][ T6609]  ? seq_read_iter+0x203/0xe20
[  170.508658][ T6609]  ? mutex_lock_nested+0x154/0x1d0
[  170.508681][ T6609]  ? seq_read_iter+0xb8/0xe20
[  170.508708][ T6609]  seq_read_iter+0x203/0xe20
[  170.508739][ T6609]  ? __pfx_seq_read_iter+0x10/0x10
[  170.508779][ T6609]  vfs_read+0x563/0xa30
[  170.508812][ T6609]  ? __pfx_vfs_read+0x10/0x10
[  170.508846][ T6609]  ? mutex_lock_nested+0x154/0x1d0
[  170.508867][ T6609]  ? fdget_pos+0x253/0x320
[  170.508896][ T6609]  ksys_read+0x14b/0x260
[  170.508923][ T6609]  ? __pfx_ksys_read+0x10/0x10
[  170.508958][ T6609]  do_syscall_64+0xec/0xf80
[  170.508977][ T6609]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.508994][ T6609]  ? clear_bhb_loop+0x60/0xb0
[  170.509017][ T6609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.509034][ T6609] RIP: 0033:0x7f275fdaf749
[  170.509052][ T6609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.509066][ T6609] RSP: 002b:00007f275dff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  170.509086][ T6609] RAX: ffffffffffffffda RBX: 00007f2760006090 RCX: 00007f275fdaf749
[  170.509100][ T6609] RDX: 0000000000002020 RSI: 0000200000003480 RDI: 0000000000000004
[  170.509112][ T6609] RBP: 00007f275dff5090 R08: 0000000000000000 R09: 0000000000000000
[  170.509124][ T6609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.509135][ T6609] R13: 00007f2760006128 R14: 00007f2760006090 R15: 00007ffc9a5bda88
[  170.509167][ T6609]  </TASK>
[  171.674380][   T37] audit: type=1326 audit(1766922755.904:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6617 comm="syz.4.230" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11ff749 code=0x0
[  174.290152][   T37] audit: type=1326 audit(1766922758.514:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6618 comm="syz.3.218" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca0892f749 code=0x0
[  175.031416][ T6633] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  175.180418][  T842] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  175.310551][  T842] usb 5-1: device descriptor read/64, error -71
[  175.453375][ T6638] FAULT_INJECTION: forcing a failure.
[  175.453375][ T6638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.453409][ T6638] CPU: 0 UID: 0 PID: 6638 Comm: syz.2.236 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  175.453440][ T6638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  175.453451][ T6638] Call Trace:
[  175.453459][ T6638]  <TASK>
[  175.453467][ T6638]  dump_stack_lvl+0xe8/0x150
[  175.453497][ T6638]  should_fail_ex+0x46c/0x600
[  175.453526][ T6638]  _copy_from_user+0x2d/0xb0
[  175.453545][ T6638]  do_sock_getsockopt+0x15c/0x3d0
[  175.453571][ T6638]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  175.453596][ T6638]  ? ksys_write+0x1e7/0x260
[  175.453627][ T6638]  __x64_sys_getsockopt+0x1ab/0x250
[  175.453657][ T6638]  do_syscall_64+0xec/0xf80
[  175.453675][ T6638]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.453693][ T6638]  ? trace_irq_disable+0x37/0x100
[  175.453712][ T6638]  ? clear_bhb_loop+0x60/0xb0
[  175.453734][ T6638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.453752][ T6638] RIP: 0033:0x7f50dabef749
[  175.453767][ T6638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.453782][ T6638] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  175.453801][ T6638] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  175.453815][ T6638] RDX: 000000000000000d RSI: 0000000000000006 RDI: 0000000000000003
[  175.453825][ T6638] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  175.453837][ T6638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.453848][ T6638] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  175.453877][ T6638]  </TASK>
[  175.579894][  T842] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  175.730259][  T842] usb 5-1: device descriptor read/64, error -71
[  176.039997][  T842] usb usb5-port1: attempt power cycle
[  178.120338][  T842] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  178.232149][  T842] usb 5-1: device descriptor read/8, error -71
[  179.260391][  T842] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  179.281065][  T842] usb 5-1: Using ep0 maxpacket: 32
[  179.284910][  T842] usb 5-1: config 5 has too many interfaces: 238, using maximum allowed: 32
[  179.284937][  T842] usb 5-1: config 5 descriptor has 1 excess byte, ignoring
[  179.284955][  T842] usb 5-1: config 5 has 0 interfaces, different from the descriptor's value: 238
[  179.284991][  T842] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  179.285015][  T842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.589811][  T842] usb 5-1: string descriptor 0 read error: -71
[  179.607199][  T842] usb 5-1: USB disconnect, device number 11
[  180.049500][   T37] audit: type=1326 audit(1766922764.274:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6694 comm="syz.0.244" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  186.857980][ T6731] syz.1.265 uses obsolete (PF_INET,SOCK_PACKET)
[  186.859648][ T6731] process 'syz.1.265' launched './file0' with NULL argv: empty string added
[  191.234779][ T5952] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  191.420204][ T5952] usb 5-1: Using ep0 maxpacket: 16
[  191.429312][ T5952] usb 5-1: config 0 has an invalid interface number: 65 but max is 0
[  191.429330][ T5952] usb 5-1: config 0 has no interface number 0
[  191.453641][ T5952] usb 5-1: New USB device found, idVendor=046d, idProduct=0840, bcdDevice=2c.30
[  191.453660][ T5952] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.453671][ T5952] usb 5-1: Product: syz
[  191.453685][ T5952] usb 5-1: Manufacturer: syz
[  191.453693][ T5952] usb 5-1: SerialNumber: syz
[  191.456587][ T5952] usb 5-1: config 0 descriptor??
[  191.536746][ T5952] gspca_main: STV06xx-2.14.0 probing 046d:0840
[  191.786118][   T37] audit: type=1326 audit(1766922776.014:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6762 comm="syz.1.267" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x0
[  195.674308][ T6771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.275'.
[  195.737291][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  195.742448][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  196.373785][ T5952] gspca_stv06xx: I2C: Read error writing address: -71
[  196.423738][ T5952] usb 5-1: USB disconnect, device number 12
[  196.479336][ T6790] FAULT_INJECTION: forcing a failure.
[  196.479336][ T6790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.479368][ T6790] CPU: 1 UID: 0 PID: 6790 Comm: syz.2.279 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  196.479388][ T6790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  196.479399][ T6790] Call Trace:
[  196.479406][ T6790]  <TASK>
[  196.479414][ T6790]  dump_stack_lvl+0xe8/0x150
[  196.479443][ T6790]  should_fail_ex+0x46c/0x600
[  196.479472][ T6790]  _copy_from_user+0x2d/0xb0
[  196.479490][ T6790]  ___sys_sendmsg+0x158/0x2a0
[  196.479516][ T6790]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.479535][ T6790]  ? __schedule+0x1475/0x5070
[  196.479591][ T6790]  ? __fget_files+0x2a/0x420
[  196.479609][ T6790]  ? __fget_files+0x3a6/0x420
[  196.479636][ T6790]  __x64_sys_sendmsg+0x1a1/0x260
[  196.479661][ T6790]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  196.479692][ T6790]  ? rcu_is_watching+0x15/0xb0
[  196.479722][ T6790]  do_syscall_64+0xec/0xf80
[  196.479744][ T6790]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.479761][ T6790]  ? trace_irq_disable+0x37/0x100
[  196.479779][ T6790]  ? clear_bhb_loop+0x60/0xb0
[  196.479801][ T6790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.479819][ T6790] RIP: 0033:0x7f50dabef749
[  196.479835][ T6790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.479850][ T6790] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.479869][ T6790] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  196.479883][ T6790] RDX: 0000000004000000 RSI: 0000200000000440 RDI: 0000000000000003
[  196.479895][ T6790] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  196.479906][ T6790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.479917][ T6790] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  196.479947][ T6790]  </TASK>
[  198.301780][ T6801] FAULT_INJECTION: forcing a failure.
[  198.301780][ T6801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.301802][ T6801] CPU: 0 UID: 0 PID: 6801 Comm: syz.2.284 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  198.301815][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  198.301821][ T6801] Call Trace:
[  198.301826][ T6801]  <TASK>
[  198.301831][ T6801]  dump_stack_lvl+0xe8/0x150
[  198.301849][ T6801]  should_fail_ex+0x46c/0x600
[  198.301867][ T6801]  _copy_from_user+0x2d/0xb0
[  198.301879][ T6801]  do_sys_poll+0x23d/0xed0
[  198.301902][ T6801]  ? __lock_acquire+0x6b6/0x2cf0
[  198.301919][ T6801]  ? __pfx_do_sys_poll+0x10/0x10
[  198.301929][ T6801]  ? is_bpf_text_address+0x292/0x2b0
[  198.301942][ T6801]  ? is_bpf_text_address+0x26/0x2b0
[  198.301954][ T6801]  ? do_sys_openat2+0x15a/0x200
[  198.301966][ T6801]  ? kernel_text_address+0xa5/0xe0
[  198.302015][ T6801]  ? ktime_get_ts64+0xa9/0x3d0
[  198.302040][ T6801]  ? __pfx_timespec64_add_safe+0x10/0x10
[  198.302060][ T6801]  __se_sys_poll+0x128/0x320
[  198.302077][ T6801]  ? __pfx___se_sys_poll+0x10/0x10
[  198.302097][ T6801]  do_syscall_64+0xec/0xf80
[  198.302107][ T6801]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.302124][ T6801]  ? trace_irq_disable+0x37/0x100
[  198.302135][ T6801]  ? clear_bhb_loop+0x60/0xb0
[  198.302147][ T6801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.302157][ T6801] RIP: 0033:0x7f50dabef749
[  198.302167][ T6801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.302175][ T6801] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  198.302187][ T6801] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  198.302194][ T6801] RDX: 000000000000007f RSI: 0000000000000001 RDI: 0000200000000180
[  198.302201][ T6801] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  198.302207][ T6801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.302213][ T6801] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  198.302228][ T6801]  </TASK>
[  200.555492][   T37] audit: type=1326 audit(1766922784.074:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6811 comm="syz.2.287" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f50dabef749 code=0x0
[  200.870564][ T5887] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  201.034752][ T5887] usb 5-1: config 0 has an invalid interface number: 129 but max is 0
[  201.034781][ T5887] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  201.034800][ T5887] usb 5-1: config 0 has no interface number 0
[  201.034855][ T5887] usb 5-1: config 0 interface 129 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  201.084353][ T5887] usb 5-1: New USB device found, idVendor=04e8, idProduct=a101, bcdDevice=80.8e
[  201.084384][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.084404][ T5887] usb 5-1: Product: syz
[  201.084419][ T5887] usb 5-1: Manufacturer: syz
[  201.084434][ T5887] usb 5-1: SerialNumber: syz
[  201.127829][ T6829] Bluetooth: MGMT ver 1.23
[  201.146694][ T5887] r8152-cfgselector 5-1: Unknown version 0x0000
[  201.146727][ T5887] r8152-cfgselector 5-1: config 0 descriptor??
[  201.149981][ T5887] r8152 5-1:0.129: Expected endpoints are not found
[  202.306886][ T6860] FAULT_INJECTION: forcing a failure.
[  202.306886][ T6860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.306922][ T6860] CPU: 0 UID: 0 PID: 6860 Comm: syz.1.293 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  202.306944][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  202.306955][ T6860] Call Trace:
[  202.306963][ T6860]  <TASK>
[  202.306971][ T6860]  dump_stack_lvl+0xe8/0x150
[  202.306999][ T6860]  should_fail_ex+0x46c/0x600
[  202.307029][ T6860]  _copy_from_user+0x2d/0xb0
[  202.307049][ T6860]  ___sys_sendmsg+0x158/0x2a0
[  202.307076][ T6860]  ? __pfx____sys_sendmsg+0x10/0x10
[  202.307103][ T6860]  ? kstrtouint+0x6e/0xe0
[  202.307150][ T6860]  ? __fget_files+0x2a/0x420
[  202.307169][ T6860]  ? __fget_files+0x3a6/0x420
[  202.307198][ T6860]  __sys_sendmmsg+0x22d/0x430
[  202.307226][ T6860]  ? __pfx___sys_sendmmsg+0x10/0x10
[  202.307257][ T6860]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  202.307299][ T6860]  ? ksys_write+0x230/0x260
[  202.307326][ T6860]  ? __pfx_ksys_write+0x10/0x10
[  202.307356][ T6860]  __x64_sys_sendmmsg+0xa0/0xc0
[  202.307381][ T6860]  do_syscall_64+0xec/0xf80
[  202.307399][ T6860]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.307417][ T6860]  ? trace_irq_disable+0x37/0x100
[  202.307436][ T6860]  ? clear_bhb_loop+0x60/0xb0
[  202.307458][ T6860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.307476][ T6860] RIP: 0033:0x7f698c3df749
[  202.307493][ T6860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.307508][ T6860] RSP: 002b:00007f698a646038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  202.307528][ T6860] RAX: ffffffffffffffda RBX: 00007f698c635fa0 RCX: 00007f698c3df749
[  202.307542][ T6860] RDX: 0000000000000001 RSI: 0000200000002fc0 RDI: 0000000000000003
[  202.307553][ T6860] RBP: 00007f698a646090 R08: 0000000000000000 R09: 0000000000000000
[  202.307565][ T6860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.307576][ T6860] R13: 00007f698c636038 R14: 00007f698c635fa0 R15: 00007ffe0bce4db8
[  202.307614][ T6860]  </TASK>
[  202.545353][ T6861] loop5: detected capacity change from 0 to 7
[  202.546977][ T6861] Dev loop5: unable to read RDB block 7
[  202.547010][ T6861]  loop5: AHDI p1 p2 p3
[  202.547030][ T6861] loop5: partition table partially beyond EOD, truncated
[  202.547170][ T6861] loop5: p1 start 1601398130 is beyond EOD, truncated
[  202.547181][ T6861] loop5: p2 start 1702059890 is beyond EOD, truncated
[  202.647620][ T6821] Bluetooth: hci2: command 0x0406 tx timeout
[  202.647659][ T6821] Bluetooth: hci1: command 0x0406 tx timeout
[  202.647683][ T6821] Bluetooth: hci4: command 0x0406 tx timeout
[  202.647705][ T6821] Bluetooth: hci0: command 0x0406 tx timeout
[  202.647759][ T6822] Bluetooth: hci3: command 0x0406 tx timeout
[  203.860489][ T6873] usb usb9: usbfs: process 6873 (syz.1.298) did not claim interface 4 before use
[  204.544058][   T37] audit: type=1326 audit(1766922788.744:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.0.300" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  205.219280][ T6899] xt_HMARK: proto mask must be zero with L3 mode
[  205.524988][ T6584] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  205.564751][ T6904] nfs4: Unknown parameter '/dev/sequen'
[  205.740163][ T6584] usb 2-1: Using ep0 maxpacket: 16
[  205.742875][ T6584] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  205.742901][ T6584] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  205.742920][ T6584] usb 2-1: config 0 has no interface number 0
[  205.742965][ T6584] usb 2-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  205.802515][ T6584] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  205.802544][ T6584] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  205.802562][ T6584] usb 2-1: Product: syz
[  205.802576][ T6584] usb 2-1: SerialNumber: syz
[  205.848689][ T6584] usb 2-1: config 0 descriptor??
[  205.875769][ T6584] usbhid 2-1:0.8: couldn't find an input interrupt endpoint
[  205.903405][ T6910] Zero length message leads to an empty skb
[  206.094892][ T6911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.312'.
[  206.095013][ T6911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.312'.
[  206.148912][ T6584] usb 2-1: USB disconnect, device number 10
[  206.990279][ T6130] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  207.373690][ T6912] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  207.376460][ T6912] block device autoloading is deprecated and will be removed.
[  208.870231][ T6130] usb 4-1: unable to read config index 0 descriptor/start: -71
[  208.870273][ T6130] usb 4-1: can't read configurations, error -71
[  209.354235][ T6926] FAULT_INJECTION: forcing a failure.
[  209.354235][ T6926] name failslab, interval 1, probability 0, space 0, times 0
[  209.354269][ T6926] CPU: 0 UID: 0 PID: 6926 Comm: syz.0.306 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  209.354290][ T6926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  209.354301][ T6926] Call Trace:
[  209.354309][ T6926]  <TASK>
[  209.354317][ T6926]  dump_stack_lvl+0xe8/0x150
[  209.354346][ T6926]  should_fail_ex+0x46c/0x600
[  209.354376][ T6926]  should_failslab+0xa8/0x100
[  209.354397][ T6926]  __kmalloc_noprof+0xe0/0x7e0
[  209.354429][ T6926]  ? kfree+0x4d/0x900
[  209.354449][ T6926]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  209.354474][ T6926]  tomoyo_realpath_from_path+0xe3/0x5d0
[  209.354495][ T6926]  ? tomoyo_domain+0xd9/0x130
[  209.354520][ T6926]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  209.354544][ T6926]  tomoyo_path_number_perm+0x1e8/0x5a0
[  209.354571][ T6926]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  209.354594][ T6926]  ? __lock_acquire+0x6b6/0x2cf0
[  209.354621][ T6926]  ? do_raw_spin_lock+0x121/0x290
[  209.354675][ T6926]  ? __fget_files+0x2a/0x420
[  209.354697][ T6926]  ? __fget_files+0x2a/0x420
[  209.354715][ T6926]  ? __fget_files+0x3a6/0x420
[  209.354736][ T6926]  ? __fget_files+0x2a/0x420
[  209.354760][ T6926]  security_file_ioctl+0xcb/0x2d0
[  209.354787][ T6926]  __se_sys_ioctl+0x47/0x170
[  209.354814][ T6926]  do_syscall_64+0xec/0xf80
[  209.354832][ T6926]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.354850][ T6926]  ? trace_irq_disable+0x37/0x100
[  209.354868][ T6926]  ? clear_bhb_loop+0x60/0xb0
[  209.354891][ T6926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.354909][ T6926] RIP: 0033:0x7f275fdaf749
[  209.354926][ T6926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.354941][ T6926] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  209.354961][ T6926] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  209.354994][ T6926] RDX: 00002000000001c0 RSI: 00000000c0a85352 RDI: 0000000000000003
[  209.355006][ T6926] RBP: 00007f275e016090 R08: 0000000000000000 R09: 0000000000000000
[  209.355017][ T6926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.355029][ T6926] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  209.355060][ T6926]  </TASK>
[  209.355125][ T6926] ERROR: Out of memory at tomoyo_realpath_from_path.
[  210.539640][ T6022] r8152-cfgselector 5-1: USB disconnect, device number 13
[  210.543839][ T6943] nfs4: Unknown parameter '/dev/sequen'
[  210.843316][ T6961] FAULT_INJECTION: forcing a failure.
[  210.843316][ T6961] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.843339][ T6961] CPU: 1 UID: 0 PID: 6961 Comm: syz.2.322 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  210.843351][ T6961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  210.843357][ T6961] Call Trace:
[  210.843361][ T6961]  <TASK>
[  210.843366][ T6961]  dump_stack_lvl+0xe8/0x150
[  210.843384][ T6961]  should_fail_ex+0x46c/0x600
[  210.843402][ T6961]  _copy_to_user+0x31/0xb0
[  210.843413][ T6961]  simple_read_from_buffer+0xe1/0x170
[  210.843427][ T6961]  proc_fail_nth_read+0x1b6/0x220
[  210.843444][ T6961]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.843460][ T6961]  ? rw_verify_area+0x2ac/0x4e0
[  210.843473][ T6961]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.843488][ T6961]  vfs_read+0x206/0xa30
[  210.843506][ T6961]  ? __pfx_vfs_read+0x10/0x10
[  210.843521][ T6961]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  210.843531][ T6961]  ? lockdep_hardirqs_on+0x7b/0x110
[  210.843541][ T6961]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  210.843551][ T6961]  ? mutex_lock_nested+0x154/0x1d0
[  210.843564][ T6961]  ? fdget_pos+0x253/0x320
[  210.843579][ T6961]  ksys_read+0x14b/0x260
[  210.843594][ T6961]  ? __pfx_ksys_read+0x10/0x10
[  210.843613][ T6961]  do_syscall_64+0xec/0xf80
[  210.843623][ T6961]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.843632][ T6961]  ? trace_irq_disable+0x37/0x100
[  210.843643][ T6961]  ? clear_bhb_loop+0x60/0xb0
[  210.843655][ T6961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.843665][ T6961] RIP: 0033:0x7f50dabee15c
[  210.843675][ T6961] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  210.843684][ T6961] RSP: 002b:00007f50d8e0c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  210.843696][ T6961] RAX: ffffffffffffffda RBX: 00007f50dae46180 RCX: 00007f50dabee15c
[  210.843703][ T6961] RDX: 000000000000000f RSI: 00007f50d8e0c0a0 RDI: 0000000000000009
[  210.843709][ T6961] RBP: 00007f50d8e0c090 R08: 0000000000000000 R09: 0000000000000000
[  210.843716][ T6961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.843721][ T6961] R13: 00007f50dae46218 R14: 00007f50dae46180 R15: 00007ffe57bf0dd8
[  210.843737][ T6961]  </TASK>
[  212.626144][   T37] audit: type=1326 audit(1766922796.014:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6929 comm="syz.3.317" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca0892f749 code=0x0
[  215.276075][ T6993] nfs4: Unknown parameter '/dev/sequen'
[  215.731175][ T7008] FAULT_INJECTION: forcing a failure.
[  215.731175][ T7008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.731198][ T7008] CPU: 1 UID: 0 PID: 7008 Comm: syz.2.337 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  215.731210][ T7008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  215.731217][ T7008] Call Trace:
[  215.731221][ T7008]  <TASK>
[  215.731225][ T7008]  dump_stack_lvl+0xe8/0x150
[  215.731243][ T7008]  should_fail_ex+0x46c/0x600
[  215.731261][ T7008]  _copy_from_user+0x2d/0xb0
[  215.731272][ T7008]  ___sys_recvmsg+0x12e/0x510
[  215.731285][ T7008]  ? get_pid_task+0x20/0x1f0
[  215.731298][ T7008]  ? get_pid_task+0x20/0x1f0
[  215.731312][ T7008]  ? __pfx____sys_recvmsg+0x10/0x10
[  215.731327][ T7008]  ? __fget_files+0x2a/0x420
[  215.731347][ T7008]  ? __fget_files+0x3a6/0x420
[  215.731362][ T7008]  __x64_sys_recvmsg+0x19e/0x260
[  215.731376][ T7008]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  215.731394][ T7008]  ? __pfx_ksys_write+0x10/0x10
[  215.731413][ T7008]  do_syscall_64+0xec/0xf80
[  215.731424][ T7008]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.731433][ T7008]  ? trace_irq_disable+0x37/0x100
[  215.731445][ T7008]  ? clear_bhb_loop+0x60/0xb0
[  215.731457][ T7008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.731466][ T7008] RIP: 0033:0x7f50dabef749
[  215.731476][ T7008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.731485][ T7008] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  215.731496][ T7008] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  215.731504][ T7008] RDX: 000000000000f0ff RSI: 00002000000005c0 RDI: 0000000000000004
[  215.731510][ T7008] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  215.731517][ T7008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.731523][ T7008] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  215.731538][ T7008]  </TASK>
[  215.817793][ T7005] netlink: 8 bytes leftover after parsing attributes in process `syz.3.327'.
[  217.609927][   T37] audit: type=1326 audit(1766922801.014:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7028 comm="syz.2.338" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f50dabef749 code=0x0
[  217.820963][ T7005] netlink: 12 bytes leftover after parsing attributes in process `syz.3.327'.
[  221.870802][   T37] audit: type=1326 audit(1766922805.434:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7066 comm="syz.1.349" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x0
[  222.057699][ T5910] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  222.214457][ T5910] usb 1-1: Using ep0 maxpacket: 32
[  222.220613][ T5910] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  222.220639][ T5910] usb 1-1: config 0 has no interface number 0
[  222.220688][ T5910] usb 1-1: config 0 interface 184 has no altsetting 0
[  222.223111][ T5910] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  222.223137][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.223157][ T5910] usb 1-1: Product: syz
[  222.223171][ T5910] usb 1-1: Manufacturer: syz
[  222.223186][ T5910] usb 1-1: SerialNumber: syz
[  222.285019][ T5910] usb 1-1: config 0 descriptor??
[  222.328864][ T5910] smsc75xx v1.0.0
[  222.517098][ T7106] FAULT_INJECTION: forcing a failure.
[  222.517098][ T7106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.517132][ T7106] CPU: 0 UID: 0 PID: 7106 Comm: syz.2.354 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  222.517158][ T7106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.517169][ T7106] Call Trace:
[  222.517177][ T7106]  <TASK>
[  222.517187][ T7106]  dump_stack_lvl+0xe8/0x150
[  222.517215][ T7106]  should_fail_ex+0x46c/0x600
[  222.517246][ T7106]  _copy_to_user+0x31/0xb0
[  222.517268][ T7106]  simple_read_from_buffer+0xe1/0x170
[  222.517292][ T7106]  proc_fail_nth_read+0x1b6/0x220
[  222.517321][ T7106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.517350][ T7106]  ? rw_verify_area+0x2ac/0x4e0
[  222.517373][ T7106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.517400][ T7106]  vfs_read+0x206/0xa30
[  222.517432][ T7106]  ? __pfx_vfs_read+0x10/0x10
[  222.517458][ T7106]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  222.517487][ T7106]  ? lockdep_hardirqs_on+0x7b/0x110
[  222.517505][ T7106]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  222.517524][ T7106]  ? mutex_lock_nested+0x154/0x1d0
[  222.517546][ T7106]  ? fdget_pos+0x253/0x320
[  222.517575][ T7106]  ksys_read+0x14b/0x260
[  222.517602][ T7106]  ? __pfx_ksys_read+0x10/0x10
[  222.517637][ T7106]  do_syscall_64+0xec/0xf80
[  222.517655][ T7106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.517673][ T7106]  ? trace_irq_disable+0x37/0x100
[  222.517692][ T7106]  ? clear_bhb_loop+0x60/0xb0
[  222.517715][ T7106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.517733][ T7106] RIP: 0033:0x7f50dabee15c
[  222.517750][ T7106] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  222.517765][ T7106] RSP: 002b:00007f50d8e4e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  222.517785][ T7106] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabee15c
[  222.517799][ T7106] RDX: 000000000000000f RSI: 00007f50d8e4e0a0 RDI: 0000000000000004
[  222.517810][ T7106] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  222.517822][ T7106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.517833][ T7106] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  222.517865][ T7106]  </TASK>
[  222.635203][ T7077] cgroup: fork rejected by pids controller in /syz3
[  224.836263][ T7126] netlink: 332 bytes leftover after parsing attributes in process `syz.2.359'.
[  224.836340][ T7126] netlink: 160 bytes leftover after parsing attributes in process `syz.2.359'.
[  224.921214][ T5910] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  224.921246][ T5910] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  224.921268][ T5910] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  224.921571][ T5910] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  224.946327][ T5910] usb 1-1: USB disconnect, device number 6
[  225.413081][ T7139] netlink: 48 bytes leftover after parsing attributes in process `syz.3.362'.
[  225.413381][ T7139] netlink: 48 bytes leftover after parsing attributes in process `syz.3.362'.
[  227.637334][   T37] audit: type=1326 audit(1766922811.094:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7142 comm="syz.1.363" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x0
[  235.179337][ T7189] netlink: 884 bytes leftover after parsing attributes in process `syz.0.374'.
[  235.184434][   T37] audit: type=1326 audit(1766922819.084:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7181 comm="syz.4.375" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11ff749 code=0x0
[  235.486980][ T7195] netlink: 'syz.1.377': attribute type 1 has an invalid length.
[  235.721846][ T7199] netlink: 8 bytes leftover after parsing attributes in process `syz.1.377'.
[  235.721861][ T7199] netlink: 24 bytes leftover after parsing attributes in process `syz.1.377'.
[  235.866957][ T7195] 8021q: adding VLAN 0 to HW filter on device bond1
[  235.942909][ T7197] macvlan2: entered allmulticast mode
[  236.744345][ T7221] FAULT_INJECTION: forcing a failure.
[  236.744345][ T7221] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  236.744469][ T7221] CPU: 0 UID: 0 PID: 7221 Comm: syz.0.387 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  236.744501][ T7221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  236.744511][ T7221] Call Trace:
[  236.744518][ T7221]  <TASK>
[  236.744527][ T7221]  dump_stack_lvl+0xe8/0x150
[  236.744557][ T7221]  should_fail_ex+0x46c/0x600
[  236.744586][ T7221]  prepare_alloc_pages+0x22b/0x6c0
[  236.744612][ T7221]  __alloc_frozen_pages_noprof+0x123/0x370
[  236.744635][ T7221]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  236.744664][ T7221]  ? policy_nodemask+0x27c/0x720
[  236.744688][ T7221]  alloc_pages_mpol+0xd1/0x380
[  236.744711][ T7221]  alloc_pages_noprof+0xcf/0x1e0
[  236.744733][ T7221]  pte_alloc_one+0x23/0x380
[  236.744754][ T7221]  ? do_pte_missing+0xd59/0x27a0
[  236.744774][ T7221]  do_pte_missing+0x147b/0x27a0
[  236.744798][ T7221]  ? mt_find+0x46f/0x5e0
[  236.744824][ T7221]  ? handle_mm_fault+0xd1/0x1330
[  236.744847][ T7221]  handle_mm_fault+0xcc1/0x1330
[  236.744877][ T7221]  ? handle_mm_fault+0xd1/0x1330
[  236.744902][ T7221]  ? __pfx_handle_mm_fault+0x10/0x10
[  236.744938][ T7221]  ? __lock_acquire+0x6b6/0x2cf0
[  236.744969][ T7221]  ? lock_mm_and_find_vma+0x9c/0x300
[  236.744991][ T7221]  do_user_addr_fault+0x764/0x1380
[  236.745026][ T7221]  exc_page_fault+0x71/0xd0
[  236.745046][ T7221]  asm_exc_page_fault+0x26/0x30
[  236.745063][ T7221] RIP: 0010:__get_user_4+0x14/0x20
[  236.745086][ T7221] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 d0 18 05 00 90 90 90 90 90 90 90 90 90 90
[  236.745101][ T7221] RSP: 0018:ffffc900045d7d90 EFLAGS: 00050287
[  236.745118][ T7221] RAX: 00007f275dfe2000 RBX: ffff888034e8c218 RCX: 0000000000000046
[  236.745132][ T7221] RDX: 00007ffffffff000 RSI: ffffffff8cfdee10 RDI: ffffffff8b3f57e0
[  236.745145][ T7221] RBP: ffffc900045d7ee0 R08: ffffffff820a76f0 R09: ffff888035d1a9f0
[  236.745159][ T7221] R10: ffffc900045d7e20 R11: fffff520008bafcc R12: 00007f275dfe2000
[  236.745174][ T7221] R13: dffffc0000000000 R14: ffff888035d1a640 R15: dffffc0000000000
[  236.745196][ T7221]  ? __might_fault+0xb0/0x130
[  236.745227][ T7221]  lookup_ioctx+0x62/0x720
[  236.745266][ T7221]  __se_sys_io_submit+0xa8/0x320
[  236.745287][ T7221]  ? fput+0xa0/0xd0
[  236.745307][ T7221]  ? __pfx___se_sys_io_submit+0x10/0x10
[  236.745326][ T7221]  ? ksys_write+0x230/0x260
[  236.745366][ T7221]  do_syscall_64+0xec/0xf80
[  236.745385][ T7221]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.745401][ T7221]  ? trace_irq_disable+0x37/0x100
[  236.745418][ T7221]  ? clear_bhb_loop+0x60/0xb0
[  236.745439][ T7221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.745456][ T7221] RIP: 0033:0x7f275fdaf749
[  236.745472][ T7221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.745487][ T7221] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  236.745504][ T7221] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  236.745516][ T7221] RDX: 0000200000000400 RSI: 0000000000000001 RDI: 00007f275dfe2000
[  236.745527][ T7221] RBP: 00007f275e016090 R08: 0000000000000000 R09: 0000000000000000
[  236.745537][ T7221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.745548][ T7221] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  236.745576][ T7221]  </TASK>
[  238.868676][   T37] audit: type=1326 audit(1766922823.234:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.1.388" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x0
[  240.844752][ T7257] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.845277][ T7257] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.845953][ T7253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.846415][ T7253] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.900151][ T5886] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  241.159552][ T5886] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  241.159585][ T5886] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.159607][ T5886] usb 5-1: Product: syz
[  241.159621][ T5886] usb 5-1: Manufacturer: syz
[  241.159636][ T5886] usb 5-1: SerialNumber: syz
[  241.201562][ T5886] usb 5-1: config 0 descriptor??
[  241.221275][ T5886] gspca_main: sq930x-2.14.0 probing 2770:930c
[  241.405602][ T5886] gspca_sq930x: reg_r 001f failed -71
[  241.405711][ T5886] sq930x 5-1:0.0: probe with driver sq930x failed with error -71
[  241.445247][ T5886] usb 5-1: USB disconnect, device number 14
[  242.151882][ T7288] FAULT_INJECTION: forcing a failure.
[  242.151882][ T7288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.151930][ T7288] CPU: 0 UID: 0 PID: 7288 Comm: syz.0.399 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  242.151953][ T7288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  242.151968][ T7288] Call Trace:
[  242.151978][ T7288]  <TASK>
[  242.151986][ T7288]  dump_stack_lvl+0xe8/0x150
[  242.152015][ T7288]  should_fail_ex+0x46c/0x600
[  242.152044][ T7288]  _copy_from_user+0x2d/0xb0
[  242.152064][ T7288]  do_sock_getsockopt+0x15c/0x3d0
[  242.152089][ T7288]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  242.152111][ T7288]  ? __fget_files+0x3a6/0x420
[  242.152130][ T7288]  ? __fget_files+0x2a/0x420
[  242.152154][ T7288]  __x64_sys_getsockopt+0x1ab/0x250
[  242.152184][ T7288]  do_syscall_64+0xec/0xf80
[  242.152204][ T7288]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.152221][ T7288]  ? trace_irq_disable+0x37/0x100
[  242.152241][ T7288]  ? clear_bhb_loop+0x60/0xb0
[  242.152262][ T7288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.152279][ T7288] RIP: 0033:0x7f275fdaf749
[  242.152294][ T7288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.152309][ T7288] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  242.152328][ T7288] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  242.152342][ T7288] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[  242.152354][ T7288] RBP: 00007f275e016090 R08: 0000200000000000 R09: 0000000000000000
[  242.152367][ T7288] R10: 0000200000001200 R11: 0000000000000246 R12: 0000000000000001
[  242.152380][ T7288] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  242.152409][ T7288]  </TASK>
[  243.830507][   T37] audit: type=1326 audit(1766922828.254:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7293 comm="syz.0.401" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  244.412259][ T7308] FAULT_INJECTION: forcing a failure.
[  244.412259][ T7308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.412281][ T7308] CPU: 1 UID: 0 PID: 7308 Comm: syz.2.405 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  244.412293][ T7308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  244.412300][ T7308] Call Trace:
[  244.412304][ T7308]  <TASK>
[  244.412309][ T7308]  dump_stack_lvl+0xe8/0x150
[  244.412327][ T7308]  should_fail_ex+0x46c/0x600
[  244.412345][ T7308]  _copy_from_user+0x2d/0xb0
[  244.412357][ T7308]  ___sys_sendmsg+0x158/0x2a0
[  244.412372][ T7308]  ? __pfx____sys_sendmsg+0x10/0x10
[  244.412387][ T7308]  ? kstrtouint+0x6e/0xe0
[  244.412412][ T7308]  ? __fget_files+0x2a/0x420
[  244.412423][ T7308]  ? __fget_files+0x3a6/0x420
[  244.412442][ T7308]  __sys_sendmmsg+0x22d/0x430
[  244.412467][ T7308]  ? __pfx___sys_sendmmsg+0x10/0x10
[  244.412496][ T7308]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  244.412533][ T7308]  ? ksys_write+0x230/0x260
[  244.412559][ T7308]  ? __pfx_ksys_write+0x10/0x10
[  244.412604][ T7308]  __x64_sys_sendmmsg+0xa0/0xc0
[  244.412628][ T7308]  do_syscall_64+0xec/0xf80
[  244.412644][ T7308]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.412653][ T7308]  ? trace_irq_disable+0x37/0x100
[  244.412665][ T7308]  ? clear_bhb_loop+0x60/0xb0
[  244.412677][ T7308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.412686][ T7308] RIP: 0033:0x7f50dabef749
[  244.412697][ T7308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.412705][ T7308] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  244.412717][ T7308] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  244.412724][ T7308] RDX: 0000000000000300 RSI: 0000200000004d00 RDI: 0000000000000004
[  244.412731][ T7308] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  244.412738][ T7308] R10: 0000000000000f00 R11: 0000000000000246 R12: 0000000000000001
[  244.412744][ T7308] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  244.412759][ T7308]  </TASK>
[  244.663577][ T7310] netlink: 4 bytes leftover after parsing attributes in process `syz.4.404'.
[  245.542240][ T7325] FAULT_INJECTION: forcing a failure.
[  245.542240][ T7325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.542274][ T7325] CPU: 1 UID: 0 PID: 7325 Comm: syz.2.409 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  245.542297][ T7325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  245.542309][ T7325] Call Trace:
[  245.542317][ T7325]  <TASK>
[  245.542325][ T7325]  dump_stack_lvl+0xe8/0x150
[  245.542355][ T7325]  should_fail_ex+0x46c/0x600
[  245.542384][ T7325]  _copy_from_user+0x2d/0xb0
[  245.542404][ T7325]  netlink_setsockopt+0x1af/0x770
[  245.542435][ T7325]  ? __pfx_netlink_setsockopt+0x10/0x10
[  245.542464][ T7325]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  245.542486][ T7325]  ? __pfx_netlink_setsockopt+0x10/0x10
[  245.542512][ T7325]  do_sock_setsockopt+0x17c/0x1b0
[  245.542539][ T7325]  __x64_sys_setsockopt+0x145/0x1b0
[  245.542566][ T7325]  do_syscall_64+0xec/0xf80
[  245.542585][ T7325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.542603][ T7325]  ? trace_irq_disable+0x37/0x100
[  245.542622][ T7325]  ? clear_bhb_loop+0x60/0xb0
[  245.542653][ T7325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.542672][ T7325] RIP: 0033:0x7f50dabef749
[  245.542688][ T7325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.542704][ T7325] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  245.542724][ T7325] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  245.542738][ T7325] RDX: 0000000000000002 RSI: 000000000000010e RDI: 0000000000000003
[  245.542751][ T7325] RBP: 00007f50d8e4e090 R08: 0000000000000004 R09: 0000000000000000
[  245.542763][ T7325] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  245.542775][ T7325] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  245.542805][ T7325]  </TASK>
[  246.279839][ T7335] binder: 7334:7335 ioctl c0306201 0 returned -14
[  246.668688][ T7347] FAULT_INJECTION: forcing a failure.
[  246.668688][ T7347] name failslab, interval 1, probability 0, space 0, times 0
[  246.668769][ T7347] CPU: 0 UID: 0 PID: 7347 Comm: syz.3.416 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  246.668786][ T7347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  246.668795][ T7347] Call Trace:
[  246.668803][ T7347]  <TASK>
[  246.668819][ T7347]  dump_stack_lvl+0xe8/0x150
[  246.668845][ T7347]  should_fail_ex+0x46c/0x600
[  246.668871][ T7347]  should_failslab+0xa8/0x100
[  246.668888][ T7347]  __kmalloc_noprof+0xe0/0x7e0
[  246.668911][ T7347]  ? kernfs_fop_write_iter+0x159/0x540
[  246.668933][ T7347]  kernfs_fop_write_iter+0x159/0x540
[  246.668954][ T7347]  vfs_write+0x5d5/0xb40
[  246.668976][ T7347]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  246.668993][ T7347]  ? __pfx_vfs_write+0x10/0x10
[  246.669014][ T7347]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  246.669030][ T7347]  ? lockdep_hardirqs_on+0x7b/0x110
[  246.669046][ T7347]  ? mutex_lock_nested+0x154/0x1d0
[  246.669064][ T7347]  ? fdget_pos+0x253/0x320
[  246.669087][ T7347]  ksys_write+0x14b/0x260
[  246.669109][ T7347]  ? __pfx_ksys_write+0x10/0x10
[  246.669136][ T7347]  do_syscall_64+0xec/0xf80
[  246.669151][ T7347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.669164][ T7347]  ? trace_irq_disable+0x37/0x100
[  246.669180][ T7347]  ? clear_bhb_loop+0x60/0xb0
[  246.669199][ T7347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.669214][ T7347] RIP: 0033:0x7fca0892f749
[  246.669229][ T7347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.669242][ T7347] RSP: 002b:00007fca06b96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  246.669259][ T7347] RAX: ffffffffffffffda RBX: 00007fca08b85fa0 RCX: 00007fca0892f749
[  246.669271][ T7347] RDX: 0000000000000012 RSI: 0000200000000200 RDI: 000000000000000b
[  246.669281][ T7347] RBP: 00007fca06b96090 R08: 0000000000000000 R09: 0000000000000000
[  246.669290][ T7347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.669300][ T7347] R13: 00007fca08b86038 R14: 00007fca08b85fa0 R15: 00007ffe234014b8
[  246.669324][ T7347]  </TASK>
[  248.984904][ T7335] binder: 7334:7335 ioctl c0306201 200000000380 returned -14
[  249.122893][ T5815] Bluetooth: hci4: command 0x0406 tx timeout
[  251.200215][ T5814] Bluetooth: hci4: command 0x0406 tx timeout
[  251.610239][ T6007] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  251.653865][ T7378] cgroup: fork rejected by pids controller in /syz4
[  251.781199][ T6007] usb 1-1: Using ep0 maxpacket: 16
[  251.783364][ T6007] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  251.783391][ T6007] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  251.785908][ T6007] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  251.785935][ T6007] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.785955][ T6007] usb 1-1: Product: syz
[  251.785969][ T6007] usb 1-1: Manufacturer: syz
[  251.786036][ T6007] usb 1-1: SerialNumber: syz
[  251.789997][ T6007] usb 1-1: config 0 descriptor??
[  251.871241][ T6007] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  251.871267][ T6007] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  252.390393][ T6005] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  252.481634][ T6007] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  252.482377][ T6007] em28xx 1-1:0.0: Config register raw data: 0x41
[  252.557714][ T6005] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  252.557747][ T6005] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.557769][ T6005] usb 3-1: Product: syz
[  252.557784][ T6005] usb 3-1: Manufacturer: syz
[  252.557799][ T6005] usb 3-1: SerialNumber: syz
[  252.601676][ T6005] usb 3-1: config 0 descriptor??
[  252.696684][ T5811] usb 1-1: USB disconnect, device number 7
[  252.711538][ T5811] em28xx 1-1:0.0: Disconnecting em28xx
[  252.754157][ T5811] em28xx 1-1:0.0: Freeing device
[  253.038922][ T5886] usb 3-1: USB disconnect, device number 11
[  254.195305][ T7518] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  254.591481][ T7528] FAULT_INJECTION: forcing a failure.
[  254.591481][ T7528] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.591515][ T7528] CPU: 0 UID: 0 PID: 7528 Comm: syz.1.441 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  254.591536][ T7528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  254.591547][ T7528] Call Trace:
[  254.591554][ T7528]  <TASK>
[  254.591562][ T7528]  dump_stack_lvl+0xe8/0x150
[  254.591592][ T7528]  should_fail_ex+0x46c/0x600
[  254.591620][ T7528]  _copy_from_user+0x2d/0xb0
[  254.591639][ T7528]  do_sys_poll+0x23d/0xed0
[  254.591667][ T7528]  ? __lock_acquire+0x6b6/0x2cf0
[  254.591693][ T7528]  ? __pfx_do_sys_poll+0x10/0x10
[  254.591713][ T7528]  ? is_bpf_text_address+0x292/0x2b0
[  254.591736][ T7528]  ? is_bpf_text_address+0x26/0x2b0
[  254.591758][ T7528]  ? do_sys_openat2+0x15a/0x200
[  254.591872][ T7528]  ? set_user_sigmask+0xc1/0x250
[  254.591914][ T7528]  ? __pfx_set_user_sigmask+0x10/0x10
[  254.591946][ T7528]  __se_sys_ppoll+0x1ff/0x260
[  254.591967][ T7528]  ? __pfx___se_sys_ppoll+0x10/0x10
[  254.591986][ T7528]  ? __pfx_ksys_write+0x10/0x10
[  254.592016][ T7528]  ? __x64_sys_ppoll+0x20/0xc0
[  254.592036][ T7528]  do_syscall_64+0xec/0xf80
[  254.592055][ T7528]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.592073][ T7528]  ? trace_irq_disable+0x37/0x100
[  254.592093][ T7528]  ? clear_bhb_loop+0x60/0xb0
[  254.592115][ T7528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.592134][ T7528] RIP: 0033:0x7f698c3df749
[  254.592151][ T7528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.592167][ T7528] RSP: 002b:00007f698a646038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  254.592188][ T7528] RAX: ffffffffffffffda RBX: 00007f698c635fa0 RCX: 00007f698c3df749
[  254.592202][ T7528] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  254.592215][ T7528] RBP: 00007f698a646090 R08: 0000000000000000 R09: 0000000000000000
[  254.592227][ T7528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.592238][ T7528] R13: 00007f698c636038 R14: 00007f698c635fa0 R15: 00007ffe0bce4db8
[  254.592288][ T7528]  </TASK>
[  254.866464][ T7530] warning: `syz.4.442' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  255.170908][ T7539] FAULT_INJECTION: forcing a failure.
[  255.170908][ T7539] name failslab, interval 1, probability 0, space 0, times 0
[  255.170930][ T7539] CPU: 1 UID: 0 PID: 7539 Comm: syz.1.444 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  255.170943][ T7539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  255.170950][ T7539] Call Trace:
[  255.170955][ T7539]  <TASK>
[  255.170960][ T7539]  dump_stack_lvl+0xe8/0x150
[  255.170979][ T7539]  should_fail_ex+0x46c/0x600
[  255.170996][ T7539]  should_failslab+0xa8/0x100
[  255.171007][ T7539]  __kmalloc_noprof+0xe0/0x7e0
[  255.171022][ T7539]  ? kfree+0x4d/0x900
[  255.171033][ T7539]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  255.171047][ T7539]  tomoyo_realpath_from_path+0xe3/0x5d0
[  255.171058][ T7539]  ? tomoyo_domain+0xd9/0x130
[  255.171074][ T7539]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  255.171088][ T7539]  tomoyo_path_number_perm+0x1e8/0x5a0
[  255.171103][ T7539]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  255.171116][ T7539]  ? __lock_acquire+0x6b6/0x2cf0
[  255.171131][ T7539]  ? do_raw_spin_lock+0x121/0x290
[  255.171160][ T7539]  ? __fget_files+0x2a/0x420
[  255.171173][ T7539]  ? __fget_files+0x2a/0x420
[  255.171182][ T7539]  ? __fget_files+0x3a6/0x420
[  255.171192][ T7539]  ? __fget_files+0x2a/0x420
[  255.171204][ T7539]  security_file_ioctl+0xcb/0x2d0
[  255.171220][ T7539]  __se_sys_ioctl+0x47/0x170
[  255.171236][ T7539]  do_syscall_64+0xec/0xf80
[  255.171246][ T7539]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.171256][ T7539]  ? trace_irq_disable+0x37/0x100
[  255.171268][ T7539]  ? clear_bhb_loop+0x60/0xb0
[  255.171280][ T7539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.171290][ T7539] RIP: 0033:0x7f698c3df749
[  255.171300][ T7539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.171309][ T7539] RSP: 002b:00007f698a625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  255.171327][ T7539] RAX: ffffffffffffffda RBX: 00007f698c636090 RCX: 00007f698c3df749
[  255.171335][ T7539] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000009
[  255.171342][ T7539] RBP: 00007f698a625090 R08: 0000000000000000 R09: 0000000000000000
[  255.171348][ T7539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.171354][ T7539] R13: 00007f698c636128 R14: 00007f698c636090 R15: 00007ffe0bce4db8
[  255.171371][ T7539]  </TASK>
[  255.171376][ T7539] ERROR: Out of memory at tomoyo_realpath_from_path.
[  256.216683][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  256.216754][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  257.492017][ T7557] cgroup: fork rejected by pids controller in /syz0
[  258.356419][ T7609] capability: warning: `syz.4.458' uses 32-bit capabilities (legacy support in use)
[  258.404101][ T7609] program syz.4.458 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.652221][ T6007] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  258.810186][ T6007] usb 5-1: Using ep0 maxpacket: 32
[  258.816345][ T6007] usb 5-1: config 4 has an invalid interface number: 228 but max is 0
[  258.816375][ T6007] usb 5-1: config 4 has no interface number 0
[  258.816421][ T6007] usb 5-1: config 4 interface 228 altsetting 4 endpoint 0x7 has invalid maxpacket 12336, setting to 1024
[  258.816447][ T6007] usb 5-1: config 4 interface 228 altsetting 4 bulk endpoint 0x7 has invalid maxpacket 1024
[  258.816472][ T6007] usb 5-1: config 4 interface 228 has no altsetting 0
[  258.819128][ T6007] usb 5-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8
[  258.819155][ T6007] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.819174][ T6007] usb 5-1: Product: syz
[  258.819188][ T6007] usb 5-1: Manufacturer: syz
[  258.819203][ T6007] usb 5-1: SerialNumber: syz
[  258.830976][ T7609] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  259.908558][   T37] audit: type=1326 audit(1766922845.134:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7601 comm="syz.1.455" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x0
[  259.965947][ T7615] FAULT_INJECTION: forcing a failure.
[  259.965947][ T7615] name failslab, interval 1, probability 0, space 0, times 0
[  259.965972][ T7615] CPU: 0 UID: 0 PID: 7615 Comm: syz.0.460 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  259.965985][ T7615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  259.965992][ T7615] Call Trace:
[  259.965999][ T7615]  <TASK>
[  259.966005][ T7615]  dump_stack_lvl+0xe8/0x150
[  259.966033][ T7615]  should_fail_ex+0x46c/0x600
[  259.966050][ T7615]  ? __alloc_skb+0x1dc/0x3a0
[  259.966062][ T7615]  should_failslab+0xa8/0x100
[  259.966073][ T7615]  ? __alloc_skb+0x1dc/0x3a0
[  259.966083][ T7615]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  259.966098][ T7615]  ? lockdep_hardirqs_on+0x7b/0x110
[  259.966110][ T7615]  ? __alloc_skb+0x198/0x3a0
[  259.966124][ T7615]  __alloc_skb+0x1dc/0x3a0
[  259.966137][ T7615]  alloc_skb_with_frags+0xca/0x890
[  259.966151][ T7615]  ? __lock_acquire+0x6b6/0x2cf0
[  259.966166][ T7615]  ? __lock_acquire+0x6b6/0x2cf0
[  259.966182][ T7615]  sock_alloc_send_pskb+0x859/0x990
[  259.966205][ T7615]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  259.966222][ T7615]  ? smack_socket_getpeersec_dgram+0x320/0x430
[  259.966242][ T7615]  unix_dgram_sendmsg+0x454/0x1840
[  259.966260][ T7615]  ? do_sys_openat2+0x15a/0x200
[  259.966274][ T7615]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  259.966292][ T7615]  ? __lock_acquire+0x6b6/0x2cf0
[  259.966306][ T7615]  ? _parse_integer_limit+0x1ae/0x1f0
[  259.966319][ T7615]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  259.966332][ T7615]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  259.966348][ T7615]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  259.966361][ T7615]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  259.966375][ T7615]  __sock_sendmsg+0x21c/0x270
[  259.966395][ T7615]  sock_write_iter+0x27f/0x370
[  259.966419][ T7615]  ? __pfx_sock_write_iter+0x10/0x10
[  259.966472][ T7615]  vfs_write+0x5d5/0xb40
[  259.966500][ T7615]  ? __pfx_sock_write_iter+0x10/0x10
[  259.966525][ T7615]  ? __pfx_vfs_write+0x10/0x10
[  259.966543][ T7615]  ? __fget_files+0x2a/0x420
[  259.966558][ T7615]  ksys_write+0x14b/0x260
[  259.966573][ T7615]  ? __pfx_ksys_write+0x10/0x10
[  259.966592][ T7615]  do_syscall_64+0xec/0xf80
[  259.966603][ T7615]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.966614][ T7615]  ? clear_bhb_loop+0x60/0xb0
[  259.966626][ T7615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.966636][ T7615] RIP: 0033:0x7f275fdaf749
[  259.966647][ T7615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.966657][ T7615] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  259.966669][ T7615] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  259.966677][ T7615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  259.966683][ T7615] RBP: 00007f275e016090 R08: 0000000000000000 R09: 0000000000000000
[  259.966690][ T7615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.966696][ T7615] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  259.966711][ T7615]  </TASK>
[  260.485668][ T7626] FAULT_INJECTION: forcing a failure.
[  260.485668][ T7626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.485711][ T7626] CPU: 1 UID: 0 PID: 7626 Comm: syz.0.462 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  260.485733][ T7626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  260.485745][ T7626] Call Trace:
[  260.485753][ T7626]  <TASK>
[  260.485761][ T7626]  dump_stack_lvl+0xe8/0x150
[  260.485785][ T7626]  should_fail_ex+0x46c/0x600
[  260.485808][ T7626]  _copy_from_user+0x2d/0xb0
[  260.485823][ T7626]  ___sys_sendmsg+0x158/0x2a0
[  260.485842][ T7626]  ? __pfx____sys_sendmsg+0x10/0x10
[  260.485885][ T7626]  ? __fget_files+0x2a/0x420
[  260.485899][ T7626]  ? __fget_files+0x3a6/0x420
[  260.485921][ T7626]  __x64_sys_sendmsg+0x1a1/0x260
[  260.485940][ T7626]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  260.485965][ T7626]  ? __pfx_ksys_write+0x10/0x10
[  260.485992][ T7626]  do_syscall_64+0xec/0xf80
[  260.486008][ T7626]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.486021][ T7626]  ? trace_irq_disable+0x37/0x100
[  260.486036][ T7626]  ? clear_bhb_loop+0x60/0xb0
[  260.486053][ T7626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.486067][ T7626] RIP: 0033:0x7f275fdaf749
[  260.486085][ T7626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.486098][ T7626] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.486113][ T7626] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  260.486123][ T7626] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[  260.486132][ T7626] RBP: 00007f275e016090 R08: 0000000000000000 R09: 0000000000000000
[  260.486140][ T7626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.486148][ T7626] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  260.486170][ T7626]  </TASK>
[  260.717496][ T6007] usb 5-1: USB disconnect, device number 15
[  260.808312][ T5950] udevd[5950]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:4.228/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  260.979121][ T7648] syz.4.465 (7648) used greatest stack depth: 16568 bytes left
[  261.590221][ T5952] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  261.740159][ T5952] usb 4-1: Using ep0 maxpacket: 32
[  261.743979][ T5952] usb 4-1: config 5 has too many interfaces: 238, using maximum allowed: 32
[  261.744006][ T5952] usb 4-1: config 5 descriptor has 1 excess byte, ignoring
[  261.744024][ T5952] usb 4-1: config 5 has 0 interfaces, different from the descriptor's value: 238
[  261.744060][ T5952] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  261.744084][ T5952] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.125039][ T5952] usb 4-1: string descriptor 0 read error: -71
[  263.167831][ T5952] usb 4-1: USB disconnect, device number 8
[  263.230450][ T6130] IPVS: starting estimator thread 0...
[  263.343043][ T7676] IPVS: using max 10 ests per chain, 24000 per kthread
[  264.455917][   T37] audit: type=1326 audit(1766922849.564:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7678 comm="syz.4.472" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11ff749 code=0x0
[  264.618589][ T7685] FAULT_INJECTION: forcing a failure.
[  264.618589][ T7685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.618623][ T7685] CPU: 1 UID: 0 PID: 7685 Comm: syz.0.474 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  264.618646][ T7685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  264.618658][ T7685] Call Trace:
[  264.618666][ T7685]  <TASK>
[  264.618674][ T7685]  dump_stack_lvl+0xe8/0x150
[  264.618710][ T7685]  should_fail_ex+0x46c/0x600
[  264.618739][ T7685]  _copy_from_user+0x2d/0xb0
[  264.618759][ T7685]  ___sys_sendmsg+0x158/0x2a0
[  264.618785][ T7685]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.618842][ T7685]  ? __fget_files+0x2a/0x420
[  264.618862][ T7685]  ? __fget_files+0x3a6/0x420
[  264.618891][ T7685]  __x64_sys_sendmsg+0x1a1/0x260
[  264.618917][ T7685]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  264.618949][ T7685]  ? __pfx_ksys_write+0x10/0x10
[  264.618985][ T7685]  do_syscall_64+0xec/0xf80
[  264.619003][ T7685]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.619021][ T7685]  ? trace_irq_disable+0x37/0x100
[  264.619041][ T7685]  ? clear_bhb_loop+0x60/0xb0
[  264.619063][ T7685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.619081][ T7685] RIP: 0033:0x7f275fdaf749
[  264.619098][ T7685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.619114][ T7685] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.619134][ T7685] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  264.619149][ T7685] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[  264.619161][ T7685] RBP: 00007f275e016090 R08: 0000000000000000 R09: 0000000000000000
[  264.619173][ T7685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.619185][ T7685] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  264.619215][ T7685]  </TASK>
[  265.210449][ T5886] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  265.360239][ T5886] usb 2-1: Using ep0 maxpacket: 32
[  265.369128][ T5886] usb 2-1: unable to get BOS descriptor or descriptor too short
[  265.369215][ T5886] usb 2-1: too many configurations: 244, using maximum allowed: 8
[  265.395336][ T5886] usb 2-1: unable to read config index 0 descriptor/start: -61
[  265.395374][ T5886] usb 2-1: can't read configurations, error -61
[  265.540208][ T5886] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  265.700183][ T5886] usb 2-1: Using ep0 maxpacket: 32
[  265.702684][ T5886] usb 2-1: unable to get BOS descriptor or descriptor too short
[  265.702741][ T5886] usb 2-1: too many configurations: 244, using maximum allowed: 8
[  265.704212][ T5886] usb 2-1: unable to read config index 0 descriptor/start: -61
[  265.704234][ T5886] usb 2-1: can't read configurations, error -61
[  265.704473][ T5886] usb usb2-port1: attempt power cycle
[  266.083714][ T5886] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  266.134934][ T5886] usb 2-1: Using ep0 maxpacket: 32
[  266.138018][ T5886] usb 2-1: unable to get BOS descriptor or descriptor too short
[  266.138103][ T5886] usb 2-1: too many configurations: 244, using maximum allowed: 8
[  266.171977][ T5886] usb 2-1: unable to read config index 0 descriptor/start: -61
[  266.172016][ T5886] usb 2-1: can't read configurations, error -61
[  266.302004][ T5886] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  266.331211][ T5886] usb 2-1: Using ep0 maxpacket: 32
[  266.348988][ T5886] usb 2-1: unable to get BOS descriptor or descriptor too short
[  266.349041][ T5886] usb 2-1: too many configurations: 244, using maximum allowed: 8
[  266.370519][ T5886] usb 2-1: unable to read config index 0 descriptor/start: -61
[  266.370559][ T5886] usb 2-1: can't read configurations, error -61
[  266.370932][ T5886] usb usb2-port1: unable to enumerate USB device
[  267.249103][ T7727] ip6gre1: entered promiscuous mode
[  267.249132][ T7727] ip6gre1: entered allmulticast mode
[  267.330899][ T6914] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  267.340556][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  267.340841][   T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  267.590491][ T6914] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  267.660438][ T6914] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  268.378581][ T5811] IPVS: starting estimator thread 0...
[  268.560756][ T7748] IPVS: using max 8 ests per chain, 19200 per kthread
[  269.480197][ T5952] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  269.607980][ T6005] IPVS: starting estimator thread 0...
[  269.680200][ T5952] usb 1-1: Using ep0 maxpacket: 16
[  269.692214][ T7762] IPVS: using max 15 ests per chain, 36000 per kthread
[  269.704452][ T5952] usb 1-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[  269.704471][ T5952] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.704482][ T5952] usb 1-1: Product: syz
[  269.704490][ T5952] usb 1-1: Manufacturer: syz
[  269.704497][ T5952] usb 1-1: SerialNumber: syz
[  269.717224][ T5952] usb 1-1: config 0 descriptor??
[  270.656553][ T5952] speedtch 1-1:0.0: speedtch_bind: data interface not found!
[  270.656582][ T5952] speedtch 1-1:0.0: usbatm_usb_probe: bind failed: -19!
[  270.687323][ T5952] usb 1-1: USB disconnect, device number 8
[  272.297354][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  272.299604][   T37] audit: type=1326 audit(1766922856.674:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7767 comm="syz.0.499" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  274.013242][ T6914] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  274.160132][ T6914] usb 2-1: Using ep0 maxpacket: 16
[  274.854691][ T6914] usb 2-1: config 0 has an invalid interface number: 254 but max is 0
[  274.854720][ T6914] usb 2-1: config 0 has no interface number 0
[  274.854745][ T6914] usb 2-1: config 0 interface 254 has no altsetting 0
[  274.860425][ T6914] usb 2-1: New USB device found, idVendor=054c, idProduct=002b, bcdDevice= 1.0a
[  274.860462][ T6914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.860478][ T6914] usb 2-1: Product: syz
[  274.860486][ T6914] usb 2-1: Manufacturer: syz
[  274.860494][ T6914] usb 2-1: SerialNumber: syz
[  274.943525][ T6914] usb 2-1: config 0 descriptor??
[  276.481773][ T5952] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  276.485694][   T37] audit: type=1326 audit(1766922860.934:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7792 comm="syz.0.500" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  276.521267][ T6914] ums-isd200 2-1:0.254: USB Mass Storage device detected
[  276.744958][ T5952] usb 3-1: config 0 has an invalid interface number: 254 but max is 0
[  276.744987][ T5952] usb 3-1: config 0 has no interface number 0
[  276.745025][ T5952] usb 3-1: New USB device found, idVendor=12d1, idProduct=1431, bcdDevice= 0.00
[  276.745039][ T5952] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.806810][ T5952] usb 3-1: config 0 descriptor??
[  277.186067][ T7802] IPVS: ip_vs_add_dest(): server weight less than zero
[  277.252489][ T7790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.253837][ T7790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.379594][ T7803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.392231][ T7803] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.432083][ T5952] usb 3-1: string descriptor 0 read error: -71
[  277.502823][ T5952] usb-storage 3-1:0.254: USB Mass Storage device detected
[  277.548928][ T6914] usb 2-1: USB disconnect, device number 15
[  277.660729][ T7809] FAULT_INJECTION: forcing a failure.
[  277.660729][ T7809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.660763][ T7809] CPU: 0 UID: 0 PID: 7809 Comm: syz.4.512 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  277.660785][ T7809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  277.660796][ T7809] Call Trace:
[  277.660803][ T7809]  <TASK>
[  277.660811][ T7809]  dump_stack_lvl+0xe8/0x150
[  277.660840][ T7809]  should_fail_ex+0x46c/0x600
[  277.660867][ T7809]  _copy_from_user+0x2d/0xb0
[  277.660885][ T7809]  ___sys_recvmsg+0x12e/0x510
[  277.660907][ T7809]  ? get_pid_task+0x20/0x1f0
[  277.660928][ T7809]  ? get_pid_task+0x20/0x1f0
[  277.660954][ T7809]  ? __pfx____sys_recvmsg+0x10/0x10
[  277.660981][ T7809]  ? __fget_files+0x2a/0x420
[  277.661015][ T7809]  ? __fget_files+0x3a6/0x420
[  277.661042][ T7809]  __x64_sys_recvmsg+0x19e/0x260
[  277.661065][ T7809]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  277.661096][ T7809]  ? __pfx_ksys_write+0x10/0x10
[  277.661127][ T7809]  do_syscall_64+0xec/0xf80
[  277.661145][ T7809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.661163][ T7809]  ? trace_irq_disable+0x37/0x100
[  277.661180][ T7809]  ? clear_bhb_loop+0x60/0xb0
[  277.661200][ T7809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.661215][ T7809] RIP: 0033:0x7f4cc11ff749
[  277.661232][ T7809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.661247][ T7809] RSP: 002b:00007f4cbf466038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  277.661267][ T7809] RAX: ffffffffffffffda RBX: 00007f4cc1455fa0 RCX: 00007f4cc11ff749
[  277.661281][ T7809] RDX: 000000000000f0ff RSI: 00002000000005c0 RDI: 0000000000000004
[  277.661292][ T7809] RBP: 00007f4cbf466090 R08: 0000000000000000 R09: 0000000000000000
[  277.661304][ T7809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.661315][ T7809] R13: 00007f4cc1456038 R14: 00007f4cc1455fa0 R15: 00007ffceac63018
[  277.661345][ T7809]  </TASK>
[  278.040440][ T5952] usb 3-1: USB disconnect, device number 12
[  278.669161][ T7837] FAULT_INJECTION: forcing a failure.
[  278.669161][ T7837] name failslab, interval 1, probability 0, space 0, times 0
[  278.669197][ T7837] CPU: 1 UID: 0 PID: 7837 Comm: syz.2.523 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  278.669220][ T7837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  278.669232][ T7837] Call Trace:
[  278.669239][ T7837]  <TASK>
[  278.669249][ T7837]  dump_stack_lvl+0xe8/0x150
[  278.669278][ T7837]  should_fail_ex+0x46c/0x600
[  278.669308][ T7837]  should_failslab+0xa8/0x100
[  278.669329][ T7837]  __kmalloc_noprof+0xe0/0x7e0
[  278.669355][ T7837]  ? fuse_dev_do_write+0x2d33/0x47e0
[  278.669391][ T7837]  fuse_dev_do_write+0x2d33/0x47e0
[  278.669439][ T7837]  ? __pfx_fuse_dev_do_write+0x10/0x10
[  278.669458][ T7837]  ? is_bpf_text_address+0x26/0x2b0
[  278.669481][ T7837]  ? do_sys_openat2+0x15a/0x200
[  278.669502][ T7837]  ? kernel_text_address+0xa5/0xe0
[  278.669530][ T7837]  ? __kernel_text_address+0xd/0x40
[  278.669568][ T7837]  ? _parse_integer_limit+0x1ae/0x1f0
[  278.669598][ T7837]  ? kstrtoull+0x12f/0x1d0
[  278.669624][ T7837]  ? kstrtouint+0x6e/0xe0
[  278.669647][ T7837]  ? get_pid_task+0x20/0x1f0
[  278.669683][ T7837]  fuse_dev_write+0x157/0x1e0
[  278.669702][ T7837]  ? __pfx_fuse_dev_write+0x10/0x10
[  278.669739][ T7837]  vfs_write+0x5d5/0xb40
[  278.669768][ T7837]  ? __pfx_fuse_dev_write+0x10/0x10
[  278.669787][ T7837]  ? __pfx_vfs_write+0x10/0x10
[  278.669822][ T7837]  ? __fget_files+0x2a/0x420
[  278.669855][ T7837]  ksys_write+0x14b/0x260
[  278.669882][ T7837]  ? __pfx_ksys_write+0x10/0x10
[  278.669918][ T7837]  do_syscall_64+0xec/0xf80
[  278.669938][ T7837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.669956][ T7837]  ? trace_irq_disable+0x37/0x100
[  278.669975][ T7837]  ? clear_bhb_loop+0x60/0xb0
[  278.669998][ T7837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.670016][ T7837] RIP: 0033:0x7f50dabef749
[  278.670031][ T7837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.670045][ T7837] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  278.670064][ T7837] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  278.670078][ T7837] RDX: 0000000000000030 RSI: 0000200000000140 RDI: 0000000000000004
[  278.670090][ T7837] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  278.670102][ T7837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.670113][ T7837] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  278.670145][ T7837]  </TASK>
[  280.004276][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  280.740544][ T7864] binder: 7863:7864 ioctl 4018620d 0 returned -22
[  281.376876][ T7868] cifs: Unknown parameter '
2í¡Qƒé
[  281.376876][ T7868] @Ý"2a×ch}#úä`Ü[TäŒ&¬æ:ÅèÙ"‚Õë�ï1:ºÃÃÓ­'Ä4,�Zz-#FÇ<æõ]%gCžÊ
[  281.376876][ T7868] SÃÿ
'
[  281.376905][ T7868] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  281.376928][ T7868] CIFS mount error: No usable UNC path provided in device string!
[  281.376928][ T7868] 
[  281.377171][ T7868] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  281.998134][ T7878] binder: 7877:7878 ioctl 541b 0 returned -22
[  282.076337][ T7881] binder: 7877:7881 ioctl 4018620d 0 returned -22
[  282.076645][ T7881] binder: 7877:7881 ioctl 4c0a 200000000080 returned -22
[  284.330778][ T7896] netlink: 4 bytes leftover after parsing attributes in process `syz.4.541'.
[  284.332000][   T37] audit: type=1326 audit(1766922868.914:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7882 comm="syz.1.538" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698c3df749 code=0x0
[  285.088160][ T7910] netlink: 'syz.4.546': attribute type 11 has an invalid length.
[  285.088188][ T7910] netlink: 8 bytes leftover after parsing attributes in process `syz.4.546'.
[  285.353875][ T7918] FAULT_INJECTION: forcing a failure.
[  285.353875][ T7918] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.353908][ T7918] CPU: 1 UID: 0 PID: 7918 Comm: syz.4.549 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  285.353931][ T7918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  285.353943][ T7918] Call Trace:
[  285.353950][ T7918]  <TASK>
[  285.353959][ T7918]  dump_stack_lvl+0xe8/0x150
[  285.353987][ T7918]  should_fail_ex+0x46c/0x600
[  285.354017][ T7918]  _copy_from_user+0x2d/0xb0
[  285.354037][ T7918]  ___sys_sendmsg+0x158/0x2a0
[  285.354063][ T7918]  ? __pfx____sys_sendmsg+0x10/0x10
[  285.354118][ T7918]  ? __fget_files+0x2a/0x420
[  285.354136][ T7918]  ? __fget_files+0x3a6/0x420
[  285.354164][ T7918]  __x64_sys_sendmsg+0x1a1/0x260
[  285.354188][ T7918]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  285.354225][ T7918]  ? __pfx_ksys_write+0x10/0x10
[  285.354261][ T7918]  do_syscall_64+0xec/0xf80
[  285.354279][ T7918]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.354296][ T7918]  ? trace_irq_disable+0x37/0x100
[  285.354315][ T7918]  ? clear_bhb_loop+0x60/0xb0
[  285.354336][ T7918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.354353][ T7918] RIP: 0033:0x7f4cc11ff749
[  285.354369][ T7918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.354384][ T7918] RSP: 002b:00007f4cbf466038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.354403][ T7918] RAX: ffffffffffffffda RBX: 00007f4cc1455fa0 RCX: 00007f4cc11ff749
[  285.354418][ T7918] RDX: 0000000000000000 RSI: 0000200000000e40 RDI: 0000000000000004
[  285.354429][ T7918] RBP: 00007f4cbf466090 R08: 0000000000000000 R09: 0000000000000000
[  285.354441][ T7918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.354452][ T7918] R13: 00007f4cc1456038 R14: 00007f4cc1455fa0 R15: 00007ffceac63018
[  285.354481][ T7918]  </TASK>
[  287.626278][ T7934] TCP: TCP_TX_DELAY enabled
[  287.670868][ T7940] FAULT_INJECTION: forcing a failure.
[  287.670868][ T7940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.670892][ T7940] CPU: 0 UID: 0 PID: 7940 Comm: syz.4.554 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  287.670905][ T7940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  287.670912][ T7940] Call Trace:
[  287.670916][ T7940]  <TASK>
[  287.670921][ T7940]  dump_stack_lvl+0xe8/0x150
[  287.670939][ T7940]  should_fail_ex+0x46c/0x600
[  287.670970][ T7940]  _copy_from_user+0x2d/0xb0
[  287.670981][ T7940]  ___sys_sendmsg+0x158/0x2a0
[  287.670996][ T7940]  ? __pfx____sys_sendmsg+0x10/0x10
[  287.671031][ T7940]  ? __fget_files+0x2a/0x420
[  287.671042][ T7940]  ? __fget_files+0x3a6/0x420
[  287.671058][ T7940]  __x64_sys_sendmsg+0x1a1/0x260
[  287.671072][ T7940]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  287.671089][ T7940]  ? __pfx_ksys_write+0x10/0x10
[  287.671109][ T7940]  do_syscall_64+0xec/0xf80
[  287.671119][ T7940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.671129][ T7940]  ? trace_irq_disable+0x37/0x100
[  287.671140][ T7940]  ? clear_bhb_loop+0x60/0xb0
[  287.671153][ T7940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.671163][ T7940] RIP: 0033:0x7f4cc11ff749
[  287.671173][ T7940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.671182][ T7940] RSP: 002b:00007f4cbf466038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  287.671195][ T7940] RAX: ffffffffffffffda RBX: 00007f4cc1455fa0 RCX: 00007f4cc11ff749
[  287.671202][ T7940] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[  287.671209][ T7940] RBP: 00007f4cbf466090 R08: 0000000000000000 R09: 0000000000000000
[  287.671215][ T7940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.671222][ T7940] R13: 00007f4cc1456038 R14: 00007f4cc1455fa0 R15: 00007ffceac63018
[  287.671237][ T7940]  </TASK>
[  288.304775][ T7949] openvswitch: netlink: VXLAN extension 0 has unexpected len 2 expected 0
[  289.418217][ T7954] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  289.668892][ T7966] netlink: 168 bytes leftover after parsing attributes in process `syz.4.563'.
[  292.362133][   T37] audit: type=1326 audit(1766922877.594:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7973 comm="syz.0.564" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  292.625786][ T5811] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  292.750198][ T5811] usb 5-1: device descriptor read/64, error -71
[  293.010156][ T5811] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  293.150240][ T5811] usb 5-1: device descriptor read/64, error -71
[  293.260697][ T5811] usb usb5-port1: attempt power cycle
[  293.730141][ T5811] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  294.346338][ T8018] FAULT_INJECTION: forcing a failure.
[  294.346338][ T8018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.346371][ T8018] CPU: 0 UID: 0 PID: 8018 Comm: syz.1.576 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  294.346394][ T8018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  294.346406][ T8018] Call Trace:
[  294.346413][ T8018]  <TASK>
[  294.346422][ T8018]  dump_stack_lvl+0xe8/0x150
[  294.346450][ T8018]  should_fail_ex+0x46c/0x600
[  294.346481][ T8018]  _copy_from_user+0x2d/0xb0
[  294.346500][ T8018]  do_sock_getsockopt+0x15c/0x3d0
[  294.346526][ T8018]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  294.346550][ T8018]  ? __fget_files+0x3a6/0x420
[  294.346569][ T8018]  ? __fget_files+0x2a/0x420
[  294.346594][ T8018]  __x64_sys_getsockopt+0x1ab/0x250
[  294.346626][ T8018]  do_syscall_64+0xec/0xf80
[  294.346645][ T8018]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.346663][ T8018]  ? trace_irq_disable+0x37/0x100
[  294.346682][ T8018]  ? clear_bhb_loop+0x60/0xb0
[  294.346704][ T8018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.346723][ T8018] RIP: 0033:0x7f698c3df749
[  294.346744][ T8018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.346760][ T8018] RSP: 002b:00007f698a625038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  294.346781][ T8018] RAX: ffffffffffffffda RBX: 00007f698c636090 RCX: 00007f698c3df749
[  294.346795][ T8018] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[  294.346806][ T8018] RBP: 00007f698a625090 R08: 0000200000000000 R09: 0000000000000000
[  294.346819][ T8018] R10: 0000200000001200 R11: 0000000000000246 R12: 0000000000000001
[  294.346832][ T8018] R13: 00007f698c636128 R14: 00007f698c636090 R15: 00007ffe0bce4db8
[  294.346863][ T8018]  </TASK>
[  294.470440][ T5811] usb 5-1: device descriptor read/8, error -71
[  294.720229][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  295.110201][   T31] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  295.294258][   T31] usb 2-1: Using ep0 maxpacket: 16
[  295.296860][   T31] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  295.296886][   T31] usb 2-1: config 0 has no interface number 0
[  295.296930][   T31] usb 2-1: config 0 interface 35 altsetting 0 has an endpoint descriptor with address 0x7A, changing to 0xA
[  295.296957][   T31] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0xA has an invalid bInterval 70, changing to 10
[  295.296985][   T31] usb 2-1: config 0 interface 35 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  295.297012][   T31] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  295.297038][   T31] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  295.305901][   T31] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  295.305931][   T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.305952][   T31] usb 2-1: Product: syz
[  295.305967][   T31] usb 2-1: Manufacturer: syz
[  295.305982][   T31] usb 2-1: SerialNumber: syz
[  295.371522][   T31] usb 2-1: config 0 descriptor??
[  295.379934][ T8028] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  295.612456][   T31] usb 2-1: USB disconnect, device number 16
[  298.255464][ T6007] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  298.690173][ T6007] usb 2-1: device descriptor read/64, error -71
[  299.312802][ T6007] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  299.530231][ T6007] usb 2-1: device descriptor read/64, error -71
[  299.760918][ T6007] usb usb2-port1: attempt power cycle
[  301.815600][   T37] audit: type=1326 audit(1766922887.014:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8081 comm="syz.0.595" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  303.131422][   T31] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  303.280183][   T31] usb 5-1: Using ep0 maxpacket: 16
[  303.284948][   T31] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  303.284984][   T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.285005][   T31] usb 5-1: Product: syz
[  303.285020][   T31] usb 5-1: Manufacturer: syz
[  303.285034][   T31] usb 5-1: SerialNumber: syz
[  303.518265][   T31] r8152-cfgselector 5-1: Unknown version 0x0000
[  303.518291][   T31] r8152-cfgselector 5-1: config 0 descriptor??
[  304.350181][ T7072] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  304.507306][ T7072] usb 3-1: Using ep0 maxpacket: 32
[  304.509770][ T7072] usb 3-1: config 5 has too many interfaces: 238, using maximum allowed: 32
[  304.509798][ T7072] usb 3-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  304.509818][ T7072] usb 3-1: config 5 has 0 interfaces, different from the descriptor's value: 238
[  304.509855][ T7072] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  304.509877][ T7072] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.725588][   T31] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  304.830770][ T7072] usb 3-1: string descriptor 0 read error: -71
[  304.850905][ T7072] usb 3-1: USB disconnect, device number 13
[  304.910191][   T31] usb 4-1: Using ep0 maxpacket: 8
[  304.912593][   T31] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  304.912622][   T31] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  304.912642][   T31] usb 4-1: config 0 has no interface number 0
[  304.912687][   T31] usb 4-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0x58, changing to 0x8
[  304.912714][   T31] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  304.912741][   T31] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  304.912764][   T31] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  304.912793][   T31] usb 4-1: config 0 interface 52 has no altsetting 0
[  304.912826][   T31] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  304.912857][   T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.938624][ T8121] FAULT_INJECTION: forcing a failure.
[  304.938624][ T8121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.938659][ T8121] CPU: 0 UID: 0 PID: 8121 Comm: syz.1.607 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  304.938681][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  304.938692][ T8121] Call Trace:
[  304.938700][ T8121]  <TASK>
[  304.938708][ T8121]  dump_stack_lvl+0xe8/0x150
[  304.938737][ T8121]  should_fail_ex+0x46c/0x600
[  304.938766][ T8121]  _copy_from_user+0x2d/0xb0
[  304.938785][ T8121]  ___sys_sendmsg+0x158/0x2a0
[  304.938811][ T8121]  ? __pfx____sys_sendmsg+0x10/0x10
[  304.938863][ T8121]  ? __fget_files+0x2a/0x420
[  304.938882][ T8121]  ? __fget_files+0x3a6/0x420
[  304.938910][ T8121]  __x64_sys_sendmsg+0x1a1/0x260
[  304.938935][ T8121]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  304.938966][ T8121]  ? __pfx_ksys_write+0x10/0x10
[  304.939000][ T8121]  do_syscall_64+0xec/0xf80
[  304.939018][ T8121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.939035][ T8121]  ? trace_irq_disable+0x37/0x100
[  304.939054][ T8121]  ? clear_bhb_loop+0x60/0xb0
[  304.939076][ T8121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.939094][ T8121] RIP: 0033:0x7f698c3df749
[  304.939110][ T8121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.939126][ T8121] RSP: 002b:00007f698a646038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  304.939145][ T8121] RAX: ffffffffffffffda RBX: 00007f698c635fa0 RCX: 00007f698c3df749
[  304.939159][ T8121] RDX: 0000000000004000 RSI: 0000200000000440 RDI: 0000000000000003
[  304.939171][ T8121] RBP: 00007f698a646090 R08: 0000000000000000 R09: 0000000000000000
[  304.939182][ T8121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.939193][ T8121] R13: 00007f698c636038 R14: 00007f698c635fa0 R15: 00007ffe0bce4db8
[  304.939222][ T8121]  </TASK>
[  305.243206][   T31] usb 4-1: config 0 descriptor??
[  306.555717][   T31] usb 4-1: Can not set alternate setting to 1, error: -71
[  306.555782][   T31] synaptics_usb 4-1:0.52: probe with driver synaptics_usb failed with error -71
[  306.603613][   T31] usb 4-1: USB disconnect, device number 9
[  306.730246][ T5886] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  307.764704][ T8144] FAULT_INJECTION: forcing a failure.
[  307.764704][ T8144] name failslab, interval 1, probability 0, space 0, times 0
[  307.764738][ T8144] CPU: 1 UID: 0 PID: 8144 Comm: syz.2.611 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  307.764760][ T8144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  307.764771][ T8144] Call Trace:
[  307.764779][ T8144]  <TASK>
[  307.764787][ T8144]  dump_stack_lvl+0xe8/0x150
[  307.764817][ T8144]  should_fail_ex+0x46c/0x600
[  307.764846][ T8144]  should_failslab+0xa8/0x100
[  307.764867][ T8144]  __kmalloc_noprof+0xe0/0x7e0
[  307.764891][ T8144]  ? kfree+0x4d/0x900
[  307.764910][ T8144]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  307.764935][ T8144]  tomoyo_realpath_from_path+0xe3/0x5d0
[  307.764956][ T8144]  ? tomoyo_domain+0xd9/0x130
[  307.764981][ T8144]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  307.765005][ T8144]  tomoyo_path_number_perm+0x1e8/0x5a0
[  307.765032][ T8144]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  307.765055][ T8144]  ? __lock_acquire+0x6b6/0x2cf0
[  307.765082][ T8144]  ? do_raw_spin_lock+0x121/0x290
[  307.765135][ T8144]  ? __fget_files+0x2a/0x420
[  307.765158][ T8144]  ? __fget_files+0x2a/0x420
[  307.765176][ T8144]  ? __fget_files+0x3a6/0x420
[  307.765194][ T8144]  ? __fget_files+0x2a/0x420
[  307.765217][ T8144]  security_file_ioctl+0xcb/0x2d0
[  307.765245][ T8144]  __se_sys_ioctl+0x47/0x170
[  307.765271][ T8144]  do_syscall_64+0xec/0xf80
[  307.765290][ T8144]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.765308][ T8144]  ? trace_irq_disable+0x37/0x100
[  307.765327][ T8144]  ? clear_bhb_loop+0x60/0xb0
[  307.765350][ T8144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.765368][ T8144] RIP: 0033:0x7f50dabef749
[  307.765385][ T8144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.765401][ T8144] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  307.765422][ T8144] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  307.765436][ T8144] RDX: 0000200000ffcffc RSI: 0000000040084504 RDI: 0000000000000003
[  307.765449][ T8144] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  307.765461][ T8144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.765472][ T8144] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  307.765499][ T8144]  </TASK>
[  307.765506][ T8144] ERROR: Out of memory at tomoyo_realpath_from_path.
[  307.780127][ T5886] usb 2-1: Using ep0 maxpacket: 16
[  307.790069][ T5886] usb 2-1: config 1 has an invalid interface number: 69 but max is 0
[  307.790098][ T5886] usb 2-1: config 1 has no interface number 0
[  307.790145][ T5886] usb 2-1: config 1 interface 69 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  307.790171][ T5886] usb 2-1: config 1 interface 69 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[  307.790197][ T5886] usb 2-1: config 1 interface 69 has no altsetting 0
[  307.940855][ T5886] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a7e, bcdDevice=60.c4
[  307.940886][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.940907][ T5886] usb 2-1: Product: syz
[  307.940922][ T5886] usb 2-1: Manufacturer: syz
[  307.940937][ T5886] usb 2-1: SerialNumber: syz
[  308.173911][ T8129] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  308.174097][ T8129] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  308.959962][ T5886] ipaq 2-1:1.69: PocketPC PDA converter detected
[  309.860570][ T5886] ipaq 2-1:1.69: probe with driver ipaq failed with error -71
[  309.946211][ T6005] r8152-cfgselector 5-1: USB disconnect, device number 20
[  310.069619][ T5886] usb 2-1: USB disconnect, device number 20
[  314.167626][   T37] audit: type=1326 audit(1766922899.394:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8186 comm="syz.2.622" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f50dabef749 code=0x0
[  318.527150][   T37] audit: type=1326 audit(1766922902.924:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8194 comm="syz.3.625" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca0892f749 code=0x0
[  318.534526][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  318.534592][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  320.630174][   T31] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  320.791586][   T31] usb 3-1: Using ep0 maxpacket: 8
[  320.797704][   T31] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  320.797733][   T31] usb 3-1: config 0 has no interface number 0
[  320.797789][   T31] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  320.797814][   T31] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  320.797841][   T31] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  320.797869][   T31] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  320.797910][   T31] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  320.797934][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.899258][   T31] usb 3-1: config 0 descriptor??
[  320.972763][   T31] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  321.261650][   T31] usb 3-1: USB disconnect, device number 14
[  321.329656][   T31] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  322.281469][ T8217] netlink: 16 bytes leftover after parsing attributes in process `syz.2.629'.
[  325.105988][ T7072] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  325.270248][ T7072] usb 1-1: Using ep0 maxpacket: 32
[  325.327881][ T7072] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  325.327910][ T7072] usb 1-1: config 0 has no interface number 0
[  325.366900][ T7072] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  325.366932][ T7072] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.366953][ T7072] usb 1-1: Product: syz
[  325.366967][ T7072] usb 1-1: Manufacturer: syz
[  325.366982][ T7072] usb 1-1: SerialNumber: syz
[  325.440273][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  325.477504][ T7072] usb 1-1: config 0 descriptor??
[  325.511583][ T7072] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  325.516475][ T8235] Set syz1 is full, maxelem 2032 reached
[  325.958405][ T7072] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  326.229548][    C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[  326.271115][ T7072] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  326.307120][ T7072] usb 1-1: USB disconnect, device number 9
[  326.328817][ T7072] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  326.363162][ T7072] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  326.364330][ T7072] quatech2 1-1:0.51: device disconnected
[  327.396771][ T8259] netlink: 20 bytes leftover after parsing attributes in process `syz.0.639'.
[  327.422399][ T8259] netlink: 64 bytes leftover after parsing attributes in process `syz.0.639'.
[  328.927020][ T8266] FAULT_INJECTION: forcing a failure.
[  328.927020][ T8266] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.927054][ T8266] CPU: 1 UID: 0 PID: 8266 Comm: syz.2.641 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  328.927076][ T8266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  328.927088][ T8266] Call Trace:
[  328.927096][ T8266]  <TASK>
[  328.927104][ T8266]  dump_stack_lvl+0xe8/0x150
[  328.927133][ T8266]  should_fail_ex+0x46c/0x600
[  328.927164][ T8266]  _copy_from_user+0x2d/0xb0
[  328.927240][ T8266]  __x64_sys_clock_adjtime+0xdd/0x2c0
[  328.927269][ T8266]  ? lockdep_hardirqs_on+0x7b/0x110
[  328.927290][ T8266]  ? __pfx___x64_sys_clock_adjtime+0x10/0x10
[  328.927316][ T8266]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  328.927360][ T8266]  ? __pfx_ksys_write+0x10/0x10
[  328.927396][ T8266]  do_syscall_64+0xec/0xf80
[  328.927414][ T8266]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.927432][ T8266]  ? trace_irq_disable+0x37/0x100
[  328.927452][ T8266]  ? clear_bhb_loop+0x60/0xb0
[  328.927474][ T8266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.927492][ T8266] RIP: 0033:0x7f50dabef749
[  328.927510][ T8266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.927527][ T8266] RSP: 002b:00007f50d8e4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[  328.927548][ T8266] RAX: ffffffffffffffda RBX: 00007f50dae45fa0 RCX: 00007f50dabef749
[  328.927562][ T8266] RDX: 0000000000000000 RSI: 0000200000000e00 RDI: 0000000000000000
[  328.927575][ T8266] RBP: 00007f50d8e4e090 R08: 0000000000000000 R09: 0000000000000000
[  328.927587][ T8266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.927599][ T8266] R13: 00007f50dae46038 R14: 00007f50dae45fa0 R15: 00007ffe57bf0dd8
[  328.927630][ T8266]  </TASK>
[  330.872309][   T37] audit: type=1326 audit(1766922915.464:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8267 comm="syz.4.642" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11ff749 code=0x0
[  331.916419][ T8278] netlink: 72 bytes leftover after parsing attributes in process `syz.0.646'.
[  331.916516][ T8278] netlink: 72 bytes leftover after parsing attributes in process `syz.0.646'.
[  333.125926][ T5814] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  333.129696][ T5814] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  333.163203][ T5814] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  333.164494][ T5814] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  333.165706][ T5814] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  335.285501][ T5814] Bluetooth: hci5: command tx timeout
[  336.988010][   T37] audit: type=1326 audit(1766922921.304:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8293 comm="syz.4.648" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4cc11ff749 code=0x0
[  337.360168][ T5814] Bluetooth: hci5: command tx timeout
[  339.447780][ T5814] Bluetooth: hci5: command tx timeout
[  341.391817][   T37] audit: type=1326 audit(1766922925.644:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8325 comm="syz.0.659" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275fdaf749 code=0x0
[  341.506675][ T8287] chnl_net:caif_netlink_parms(): no params data found
[  341.570835][ T5814] Bluetooth: hci5: command tx timeout
[  342.810593][ T6005] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  342.990383][ T6005] usb 5-1: Using ep0 maxpacket: 32
[  342.992672][ T6005] usb 5-1: config 5 has too many interfaces: 238, using maximum allowed: 32
[  342.992700][ T6005] usb 5-1: config 5 descriptor has 1 excess byte, ignoring
[  342.992719][ T6005] usb 5-1: config 5 has 0 interfaces, different from the descriptor's value: 238
[  342.992757][ T6005] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  342.992781][ T6005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.340373][ T6005] usb 5-1: string descriptor 0 read error: -71
[  343.357466][ T6005] usb 5-1: USB disconnect, device number 21
[  344.310161][ T6005] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  344.504922][ T6005] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  344.504943][ T6005] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.504954][ T6005] usb 1-1: Product: syz
[  344.504962][ T6005] usb 1-1: Manufacturer: syz
[  344.504970][ T6005] usb 1-1: SerialNumber: syz
[  344.584008][ T6005] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  345.296257][ T7072] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  349.139148][ T7072] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  349.139565][ T7072] ath9k_htc: Failed to initialize the device
[  350.254099][ T6130] usb 1-1: USB disconnect, device number 10
[  350.367833][ T6130] usb 1-1: ath9k_htc: USB layer deinitialized
[  351.599068][ T8370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.668'.
[  351.616558][ T8370] FAULT_INJECTION: forcing a failure.
[  351.616558][ T8370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.616593][ T8370] CPU: 1 UID: 0 PID: 8370 Comm: syz.4.668 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  351.616615][ T8370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  351.616627][ T8370] Call Trace:
[  351.616635][ T8370]  <TASK>
[  351.616643][ T8370]  dump_stack_lvl+0xe8/0x150
[  351.616672][ T8370]  should_fail_ex+0x46c/0x600
[  351.616702][ T8370]  _copy_from_user+0x2d/0xb0
[  351.616722][ T8370]  __sys_connect+0x124/0x450
[  351.616745][ T8370]  ? __pfx___sys_connect+0x10/0x10
[  351.616777][ T8370]  ? __pfx_ksys_write+0x10/0x10
[  351.616810][ T8370]  __x64_sys_connect+0x7a/0x90
[  351.616831][ T8370]  do_syscall_64+0xec/0xf80
[  351.616850][ T8370]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.616868][ T8370]  ? trace_irq_disable+0x37/0x100
[  351.616887][ T8370]  ? clear_bhb_loop+0x60/0xb0
[  351.616910][ T8370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.616928][ T8370] RIP: 0033:0x7f4cc11ff749
[  351.616945][ T8370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.616962][ T8370] RSP: 002b:00007f4cbf466038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  351.616982][ T8370] RAX: ffffffffffffffda RBX: 00007f4cc1455fa0 RCX: 00007f4cc11ff749
[  351.616996][ T8370] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000004
[  351.617009][ T8370] RBP: 00007f4cbf466090 R08: 0000000000000000 R09: 0000000000000000
[  351.617022][ T8370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.617033][ T8370] R13: 00007f4cc1456038 R14: 00007f4cc1455fa0 R15: 00007ffceac63018
[  351.617065][ T8370]  </TASK>
[  352.568350][ T8287] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.590833][ T8287] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.591101][ T8287] bridge_slave_0: entered allmulticast mode
[  352.593662][ T8287] bridge_slave_0: entered promiscuous mode
[  352.598216][ T8287] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.610204][ T8287] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.610467][ T8287] bridge_slave_1: entered allmulticast mode
[  352.616884][ T8287] bridge_slave_1: entered promiscuous mode
[  361.024187][ T8287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  361.090144][ T8287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  362.140753][ T8417] FAULT_INJECTION: forcing a failure.
[  362.140753][ T8417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.140787][ T8417] CPU: 0 UID: 0 PID: 8417 Comm: syz.0.683 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  362.140810][ T8417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  362.140823][ T8417] Call Trace:
[  362.140830][ T8417]  <TASK>
[  362.140839][ T8417]  dump_stack_lvl+0xe8/0x150
[  362.140868][ T8417]  should_fail_ex+0x46c/0x600
[  362.140897][ T8417]  _copy_from_user+0x2d/0xb0
[  362.140917][ T8417]  ___sys_sendmsg+0x158/0x2a0
[  362.140943][ T8417]  ? __pfx____sys_sendmsg+0x10/0x10
[  362.141000][ T8417]  ? __fget_files+0x2a/0x420
[  362.141020][ T8417]  ? __fget_files+0x3a6/0x420
[  362.141050][ T8417]  __x64_sys_sendmsg+0x1a1/0x260
[  362.141074][ T8417]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  362.141104][ T8417]  ? __pfx_ksys_write+0x10/0x10
[  362.141138][ T8417]  do_syscall_64+0xec/0xf80
[  362.141157][ T8417]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.141174][ T8417]  ? trace_irq_disable+0x37/0x100
[  362.141194][ T8417]  ? clear_bhb_loop+0x60/0xb0
[  362.141217][ T8417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.141235][ T8417] RIP: 0033:0x7f275fdaf749
[  362.141253][ T8417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.141268][ T8417] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  362.141289][ T8417] RAX: ffffffffffffffda RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  362.141303][ T8417] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  362.141316][ T8417] RBP: 00007f275e016090 R08: 0000000000000000 R09: 0000000000000000
[  362.141328][ T8417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.141340][ T8417] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  362.141372][ T8417]  </TASK>
[  363.128361][ T8420] tmpfs: Unknown parameter 'ø	_inodus'
[  363.145875][ T8420] nfs4: Unknown parameter '/dev/sequen'
[  363.492500][ T8287] team0: Port device team_slave_0 added
[  363.580686][ T8287] team0: Port device team_slave_1 added
[  364.620167][ T8363] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  364.800559][ T8363] usb 5-1: Using ep0 maxpacket: 32
[  364.803261][ T8363] usb 5-1: config 5 has too many interfaces: 238, using maximum allowed: 32
[  364.803288][ T8363] usb 5-1: config 5 descriptor has 1 excess byte, ignoring
[  364.803308][ T8363] usb 5-1: config 5 has 0 interfaces, different from the descriptor's value: 238
[  364.803497][ T8363] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  364.803530][ T8363] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.380152][ T8363] usb 5-1: string descriptor 0 read error: -71
[  365.386261][ T8363] usb 5-1: USB disconnect, device number 22
[  365.557416][ T8287] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.557431][ T8287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  365.557450][ T8287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.559233][ T8287] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.559246][ T8287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  365.559267][ T8287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  366.448436][ T8442] 9p: Bad value for 'rfdno'
[  366.875980][ T8444] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  366.876000][ T8444] IPv6: NLM_F_CREATE should be set when creating new route
[  370.859204][ T8287] hsr_slave_0: entered promiscuous mode
[  371.055569][ T8287] hsr_slave_1: entered promiscuous mode
[  371.062128][ T8287] debugfs: 'hsr0' already exists in 'hsr'
[  371.062155][ T8287] Cannot create hsr debugfs directory
[  372.247771][ T5815] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  372.438199][ T5815] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  372.445713][ T5815] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  372.451372][ T5815] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  372.452262][ T5815] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  374.642888][ T5815] Bluetooth: hci6: command tx timeout
[  376.930137][ T5815] Bluetooth: hci6: command tx timeout
[  378.963264][ T1326] ieee802154 phy0 wpan0: encryption failed: -22
[  378.963335][ T1326] ieee802154 phy1 wpan1: encryption failed: -22
[  378.967776][ T5815] Bluetooth: hci6: command tx timeout
[  381.040455][ T5815] Bluetooth: hci6: command tx timeout
[  382.764124][ T5814] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  382.769013][ T5814] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  382.792321][ T5814] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  382.794544][ T5814] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  382.795470][ T5814] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  384.880282][ T5814] Bluetooth: hci0: command tx timeout
[  387.000192][ T5814] Bluetooth: hci0: command tx timeout
[  388.800284][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  389.054992][ T5814] Bluetooth: hci0: command tx timeout
[  391.244767][ T5814] Bluetooth: hci0: command tx timeout
[  500.899966][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  500.899990][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P8504/1:b..l P58/4:b..l P8426/3:b..l
[  500.900041][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=19341, q=221633 ncpus=2)
[  500.900063][    C0] task:kworker/u8:25   state:R  running task     stack:22536 pid:8426  tgid:8426  ppid:2      task_flags:0x4208060 flags:0x00080000
[  500.900109][    C0] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker
[  500.900130][    C0] Call Trace:
[  500.900134][    C0]  <TASK>
[  500.900142][    C0]  __schedule+0x145f/0x5070
[  500.900172][    C0]  ? __pfx___schedule+0x10/0x10
[  500.900194][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  500.900205][    C0]  ? lockdep_hardirqs_on+0x7b/0x110
[  500.900214][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  500.900226][    C0]  preempt_schedule_common+0x83/0xd0
[  500.900241][    C0]  preempt_schedule_thunk+0x16/0x30
[  500.900261][    C0]  rt_mutex_slowunlock+0x668/0x8a0
[  500.900281][    C0]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  500.900295][    C0]  ? rt_spin_unlock+0x150/0x200
[  500.900310][    C0]  ? rt_spin_unlock+0x161/0x200
[  500.900323][    C0]  enqueue_to_backlog+0x340/0xcb0
[  500.900338][    C0]  ? __nf_conntrack_find_get+0xc1/0x540
[  500.900348][    C0]  ? __pfx_skb_network_protocol+0x10/0x10
[  500.900364][    C0]  netif_rx_internal+0x120/0x540
[  500.900377][    C0]  ? __pfx_netif_rx_internal+0x10/0x10
[  500.900387][    C0]  ? skb_csum_hwoffload_help+0x18f/0xa30
[  500.900399][    C0]  ? eth_type_trans+0x35e/0x6d0
[  500.900413][    C0]  ? rcu_is_watching+0x15/0xb0
[  500.900426][    C0]  __netif_rx+0xaa/0x110
[  500.900440][    C0]  loopback_xmit+0x47a/0x6f0
[  500.900453][    C0]  dev_hard_start_xmit+0x2e0/0x840
[  500.900474][    C0]  __dev_queue_xmit+0x14b4/0x31d0
[  500.900492][    C0]  ? __lock_acquire+0x6b6/0x2cf0
[  500.900509][    C0]  ? __dev_queue_xmit+0x259/0x31d0
[  500.900522][    C0]  ? __pfx_nf_confirm+0x10/0x10
[  500.900536][    C0]  ? nf_hook+0x9d/0x380
[  500.900552][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  500.900567][    C0]  ? ip6_output+0x340/0x550
[  500.900580][    C0]  ? ip6_output+0x340/0x550
[  500.900594][    C0]  ? ip6_finish_output2+0xd70/0x13c0
[  500.900609][    C0]  ? __asan_memcpy+0x40/0x70
[  500.900622][    C0]  ? ip6_finish_output2+0xec7/0x13c0
[  500.900640][    C0]  ? ip6_output+0x126/0x550
[  500.900653][    C0]  ip6_output+0x340/0x550
[  500.900668][    C0]  udp_tunnel6_xmit_skb+0x68d/0xb30
[  500.900688][    C0]  send6+0x5ac/0x8d0
[  500.900701][    C0]  ? rt_read_lock+0x203/0x490
[  500.900713][    C0]  ? send6+0x220/0x8d0
[  500.900726][    C0]  ? __pfx_send6+0x10/0x10
[  500.900735][    C0]  ? rcu_is_watching+0x15/0xb0
[  500.900748][    C0]  ? __local_bh_disable_ip+0x3c/0x420
[  500.900761][    C0]  ? wg_socket_send_skb_to_peer+0x59/0x200
[  500.900772][    C0]  ? wg_socket_send_skb_to_peer+0x59/0x200
[  500.900782][    C0]  wg_socket_send_skb_to_peer+0x128/0x200
[  500.900795][    C0]  wg_packet_handshake_send_worker+0x1db/0x320
[  500.900808][    C0]  ? __pfx_wg_packet_handshake_send_worker+0x10/0x10
[  500.900830][    C0]  ? process_scheduled_works+0x9ef/0x1770
[  500.900840][    C0]  ? process_scheduled_works+0x9ef/0x1770
[  500.900852][    C0]  process_scheduled_works+0xad1/0x1770
[  500.900875][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  500.900894][    C0]  worker_thread+0x8a0/0xda0
[  500.900911][    C0]  ? __kthread_parkme+0x7b/0x200
[  500.900927][    C0]  kthread+0x711/0x8a0
[  500.900941][    C0]  ? __pfx_worker_thread+0x10/0x10
[  500.900952][    C0]  ? __pfx_kthread+0x10/0x10
[  500.900963][    C0]  ? rt_spin_unlock+0x150/0x200
[  500.900977][    C0]  ? rt_spin_unlock+0x161/0x200
[  500.900988][    C0]  ? __pfx_kthread+0x10/0x10
[  500.901001][    C0]  ret_from_fork+0x510/0xa50
[  500.901013][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  500.901023][    C0]  ? __switch_to+0xc9e/0x1480
[  500.901039][    C0]  ? __pfx_kthread+0x10/0x10
[  500.901052][    C0]  ret_from_fork_asm+0x1a/0x30
[  500.901074][    C0]  </TASK>
[  500.901078][    C0] task:kworker/u8:3    state:R  running task     stack:20456 pid:58    tgid:58    ppid:2      task_flags:0x4208160 flags:0x00080000
[  500.901104][    C0] Workqueue: events_unbound macvlan_process_broadcast
[  500.901117][    C0] Call Trace:
[  500.901120][    C0]  <TASK>
[  500.901126][    C0]  __schedule+0x145f/0x5070
[  500.901148][    C0]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  500.901162][    C0]  ? rt_spin_unlock+0x150/0x200
[  500.901175][    C0]  ? __pfx___schedule+0x10/0x10
[  500.901189][    C0]  ? __lock_acquire+0x6b6/0x2cf0
[  500.901206][    C0]  preempt_schedule_irq+0x4d/0xa0
[  500.901220][    C0]  irqentry_exit+0x5d8/0x660
[  500.901233][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  500.901244][    C0] RIP: 0010:lock_acquire+0x6e/0x340
[  500.901264][    C0] Code: 10 83 f8 08 0f 83 84 01 00 00 89 c0 48 0f a3 05 68 b6 3e 0d 73 0d e8 41 21 09 00 84 c0 0f 84 cb 01 00 00 83 3d 52 c6 3e 0d 00 <0f> 84 d4 00 00 00 48 8b b4 24 90 00 00 00 4c 89 ef e8 dc 37 85 00
[  500.901273][    C0] RSP: 0018:ffffc9000124e6d8 EFLAGS: 00000202
[  500.901281][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000080000001
[  500.901287][    C0] RDX: 0000000000000000 RSI: ffffffff8b3f57c0 RDI: ffffffff8b3f5780
[  500.901294][    C0] RBP: ffffffff8173dd35 R08: 0000000000000000 R09: 0000000000000000
[  500.901300][    C0] R10: ffffc9000124e898 R11: ffffffff81ab9860 R12: 0000000000000002
[  500.901307][    C0] R13: ffffffff8d5ae940 R14: 0000000000000000 R15: 0000000000000000
[  500.901315][    C0]  ? unwind_next_frame+0xa5/0x23d0
[  500.901327][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  500.901345][    C0]  ? lock_acquire+0x5f/0x340
[  500.901359][    C0]  ? unwind_next_frame+0xa5/0x23d0
[  500.901370][    C0]  ? nft_do_chain+0x40c/0x1920
[  500.901380][    C0]  ? unwind_next_frame+0xa5/0x23d0
[  500.901392][    C0]  unwind_next_frame+0xc2/0x23d0
[  500.901403][    C0]  ? unwind_next_frame+0xa5/0x23d0
[  500.901417][    C0]  ? unwind_next_frame+0xa5/0x23d0
[  500.901429][    C0]  ? nft_synproxy_do_eval+0x345/0x570
[  500.901440][    C0]  ? nft_do_chain+0x40c/0x1920
[  500.901450][    C0]  ? skb_release_data+0x62d/0x7c0
[  500.901460][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  500.901472][    C0]  arch_stack_walk+0x11c/0x150
[  500.901487][    C0]  ? nft_do_chain+0x40c/0x1920
[  500.901498][    C0]  stack_trace_save+0x9c/0xe0
[  500.901509][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  500.901523][    C0]  ? __lock_acquire+0x6b6/0x2cf0
[  500.901536][    C0]  kasan_save_track+0x3e/0x80
[  500.901548][    C0]  ? kasan_save_track+0x3e/0x80
[  500.901560][    C0]  ? kasan_save_free_info+0x46/0x50
[  500.901569][    C0]  ? __kasan_slab_free+0x5c/0x80
[  500.901581][    C0]  ? kmem_cache_free+0x18f/0x8d0
[  500.901595][    C0]  ? skb_release_data+0x62d/0x7c0
[  500.901605][    C0]  ? consume_skb+0x9e/0xf0
[  500.901615][    C0]  ? nft_synproxy_eval_v4+0x376/0x560
[  500.901624][    C0]  ? nft_synproxy_do_eval+0x345/0x570
[  500.901633][    C0]  ? nft_do_chain+0x40c/0x1920
[  500.901663][    C0]  kasan_save_free_info+0x46/0x50
[  500.901674][    C0]  __kasan_slab_free+0x5c/0x80
[  500.901687][    C0]  kmem_cache_free+0x18f/0x8d0
[  500.901700][    C0]  ? skb_release_data+0x62d/0x7c0
[  500.901713][    C0]  skb_release_data+0x62d/0x7c0
[  500.901729][    C0]  consume_skb+0x9e/0xf0
[  500.901740][    C0]  nft_synproxy_eval_v4+0x376/0x560
[  500.901754][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  500.901766][    C0]  ? nf_ip_checksum+0x13c/0x510
[  500.901778][    C0]  nft_synproxy_do_eval+0x345/0x570
[  500.901788][    C0]  ? __local_bh_enable_ip+0x1af/0x2c0
[  500.901801][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  500.901812][    C0]  ? wg_packet_receive+0x1a86/0x2630
[  500.901822][    C0]  ? wg_packet_receive+0x1262/0x2630
[  500.901836][    C0]  nft_do_chain+0x40c/0x1920
[  500.901853][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  500.901866][    C0]  ? __pfx_wg_receive+0x10/0x10
[  500.901889][    C0]  nft_do_chain_inet+0x25d/0x340
[  500.901899][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  500.901913][    C0]  ? NF_HOOK+0x9a/0x3a0
[  500.901925][    C0]  ? NF_HOOK+0x9a/0x3a0
[  500.901937][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  500.901947][    C0]  nf_hook_slow+0xc5/0x220
[  500.901963][    C0]  NF_HOOK+0x206/0x3a0
[  500.901975][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  500.901987][    C0]  ? NF_HOOK+0x9a/0x3a0
[  500.901998][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  500.902009][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[  500.902022][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  500.902035][    C0]  ? skb_dst+0x4f/0xd0
[  500.902047][    C0]  ? ip_local_deliver+0x12a/0x1b0
[  500.902060][    C0]  NF_HOOK+0x30c/0x3a0
[  500.902073][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  500.902084][    C0]  ? NF_HOOK+0x9a/0x3a0
[  500.902095][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  500.902108][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  500.902124][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  500.902135][    C0]  __netif_receive_skb+0x143/0x380
[  500.902147][    C0]  ? process_backlog+0x272/0x8f0
[  500.902158][    C0]  process_backlog+0x315/0x8f0
[  500.902173][    C0]  __napi_poll+0xae/0x520
[  500.902184][    C0]  net_rx_action+0x64a/0xdb0
[  500.902201][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  500.902210][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  500.902228][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  500.902256][    C0]  handle_softirqs+0x1df/0x650
[  500.902271][    C0]  __local_bh_enable_ip+0x171/0x2c0
[  500.902284][    C0]  macvlan_process_broadcast+0x23b/0x650
[  500.902298][    C0]  ? macvlan_process_broadcast+0xea/0x650
[  500.902313][    C0]  ? __pfx_macvlan_process_broadcast+0x10/0x10
[  500.902338][    C0]  ? process_scheduled_works+0x9ef/0x1770
[  500.902348][    C0]  ? process_scheduled_works+0x9ef/0x1770
[  500.902359][    C0]  process_scheduled_works+0xad1/0x1770
[  500.902383][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  500.902392][    C0]  ? do_raw_spin_lock+0x121/0x290
[  500.902410][    C0]  worker_thread+0x8a0/0xda0
[  500.902433][    C0]  kthread+0x711/0x8a0
[  500.902447][    C0]  ? __pfx_worker_thread+0x10/0x10
[  500.902457][    C0]  ? __pfx_kthread+0x10/0x10
[  500.902469][    C0]  ? rt_spin_unlock+0x150/0x200
[  500.902483][    C0]  ? rt_spin_unlock+0x161/0x200
[  500.902493][    C0]  ? __pfx_kthread+0x10/0x10
[  500.902507][    C0]  ret_from_fork+0x510/0xa50
[  500.902518][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  500.902528][    C0]  ? __switch_to+0xc9e/0x1480
[  500.902543][    C0]  ? __pfx_kthread+0x10/0x10
[  500.902556][    C0]  ret_from_fork_asm+0x1a/0x30
[  500.902577][    C0]  </TASK>
[  500.902581][    C0] task:syz-executor    state:R  running task     stack:24952 pid:8504  tgid:8504  ppid:5786   task_flags:0x400000 flags:0x00080000
[  500.902608][    C0] Call Trace:
[  500.902611][    C0]  <TASK>
[  500.902617][    C0]  __schedule+0x145f/0x5070
[  500.902644][    C0]  ? __pfx___schedule+0x10/0x10
[  500.902661][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  500.902671][    C0]  ? lockdep_hardirqs_on+0x7b/0x110
[  500.902679][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  500.902690][    C0]  preempt_schedule_common+0x83/0xd0
[  500.902705][    C0]  preempt_schedule_thunk+0x16/0x30
[  500.902718][    C0]  rt_mutex_slowunlock+0x668/0x8a0
[  500.902734][    C0]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  500.902747][    C0]  ? rt_spin_unlock+0x150/0x200
[  500.902762][    C0]  ? rt_spin_unlock+0x161/0x200
[  500.902775][    C0]  free_frozen_page_commit+0x667/0x18d0
[  500.902795][    C0]  __free_frozen_pages+0x817/0x1170
[  500.902813][    C0]  ? __pfx___free_frozen_pages+0x10/0x10
[  500.902827][    C0]  ? rt_spin_unlock+0x150/0x200
[  500.902843][    C0]  __slab_free+0x2e6/0x330
[  500.902856][    C0]  ? rt_spin_unlock+0x161/0x200
[  500.902869][    C0]  ? ___cache_free+0x27/0x2f0
[  500.902884][    C0]  qlist_free_all+0x97/0x100
[  500.902898][    C0]  kasan_quarantine_reduce+0x148/0x160
[  500.902911][    C0]  __kasan_slab_alloc+0x22/0x80
[  500.902925][    C0]  ? ext4_alloc_inode+0x2e/0x630
[  500.902934][    C0]  kmem_cache_alloc_lru_noprof+0x193/0x6c0
[  500.902951][    C0]  ? __pfx_ext4_alloc_inode+0x10/0x10
[  500.902959][    C0]  ext4_alloc_inode+0x2e/0x630
[  500.902969][    C0]  ? __pfx_ext4_alloc_inode+0x10/0x10
[  500.902977][    C0]  alloc_inode+0x6a/0x1b0
[  500.902987][    C0]  new_inode+0x22/0x170
[  500.903000][    C0]  __ext4_new_inode+0x316/0x3c90
[  500.903013][    C0]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  500.903028][    C0]  ? smack_log+0xef/0x3f0
[  500.903039][    C0]  ? __asan_memset+0x22/0x50
[  500.903051][    C0]  ? __dquot_initialize+0x218/0xcb0
[  500.903065][    C0]  ? __pfx___ext4_new_inode+0x10/0x10
[  500.903079][    C0]  ? __pfx___dquot_initialize+0x10/0x10
[  500.903093][    C0]  ? smack_inode_permission+0x2a2/0x330
[  500.903106][    C0]  ext4_mkdir+0x3cb/0xc50
[  500.903122][    C0]  ? __pfx_ext4_mkdir+0x10/0x10
[  500.903133][    C0]  ? bpf_lsm_inode_mkdir+0x9/0x20
[  500.903147][    C0]  vfs_mkdir+0x52d/0x5d0
[  500.903165][    C0]  do_mkdirat+0x27a/0x4b0
[  500.903180][    C0]  ? __pfx_do_mkdirat+0x10/0x10
[  500.903192][    C0]  ? strncpy_from_user+0x150/0x2c0
[  500.903206][    C0]  ? getname_flags+0x1e5/0x540
[  500.903217][    C0]  __x64_sys_mkdir+0x6c/0x80
[  500.903230][    C0]  do_syscall_64+0xec/0xf80
[  500.903240][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.903249][    C0]  ? trace_irq_disable+0x37/0x100
[  500.903263][    C0]  ? clear_bhb_loop+0x60/0xb0
[  500.903275][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.903284][    C0] RIP: 0033:0x7f09177e33b7
[  500.903293][    C0] RSP: 002b:00007ffc7970b378 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  500.903302][    C0] RAX: ffffffffffffffda RBX: 00007ffc7970b4a2 RCX: 00007f09177e33b7
[  500.903309][    C0] RDX: 000000000fe83e79 RSI: 00000000000001c0 RDI: 00007ffc7970b490
[  500.903316][    C0] RBP: f49998db0aa753ff R08: 0000000000000004 R09: 0000000000000001
[  500.903322][    C0] R10: 4000000000000000 R11: 0000000000000246 R12: 8421084210842109
[  500.903329][    C0] R13: 00007ffc7970b4a2 R14: 00007f0917871900 R15: 000000000fe83e79
[  500.903344][    C0]  </TASK>
[  500.903347][    C0] rcu: rcu_preempt kthread starved for 10497 jiffies! g19341 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  500.903358][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  500.903363][    C0] rcu: RCU grace-period kthread stack dump:
[  500.903367][    C0] task:rcu_preempt     state:R  running task     stack:27216 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00080000
[  500.903394][    C0] Call Trace:
[  500.903397][    C0]  <TASK>
[  500.903402][    C0]  __schedule+0x145f/0x5070
[  500.903428][    C0]  ? __pfx___schedule+0x10/0x10
[  500.903447][    C0]  ? schedule+0x91/0x360
[  500.903461][    C0]  schedule+0x165/0x360
[  500.903476][    C0]  schedule_timeout+0x12b/0x270
[  500.903489][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  500.903503][    C0]  ? __pfx_process_timeout+0x10/0x10
[  500.903515][    C0]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  500.903525][    C0]  ? prepare_to_swait_event+0x341/0x380
[  500.903539][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  500.903558][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  500.903572][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  500.903584][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  500.903599][    C0]  rcu_gp_kthread+0x99/0x390
[  500.903613][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  500.903626][    C0]  ? __kthread_parkme+0x7b/0x200
[  500.903637][    C0]  ? __kthread_parkme+0x1a1/0x200
[  500.903651][    C0]  kthread+0x711/0x8a0
[  500.903665][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  500.903677][    C0]  ? __pfx_kthread+0x10/0x10
[  500.903688][    C0]  ? rt_spin_unlock+0x150/0x200
[  500.903702][    C0]  ? rt_spin_unlock+0x161/0x200
[  500.903713][    C0]  ? __pfx_kthread+0x10/0x10
[  500.903726][    C0]  ret_from_fork+0x510/0xa50
[  500.903737][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  500.903746][    C0]  ? __switch_to+0xc9e/0x1480
[  500.903761][    C0]  ? __pfx_kthread+0x10/0x10
[  500.903775][    C0]  ret_from_fork_asm+0x1a/0x30
[  500.903795][    C0]  </TASK>
[  500.903799][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  500.903816][    C0] Sending NMI from CPU 0 to CPUs 1:
[  500.903862][    C1] NMI backtrace for cpu 1
[  500.903882][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  500.903924][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  500.903946][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  500.903967][    C1] Code: c3 c2 03 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 c7 16 00 f3 0f 1e fa fb f4 <e9> 98 c2 03 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  500.903981][    C1] RSP: 0018:ffffc900001d7e20 EFLAGS: 000002c6
[  500.903995][    C1] RAX: 00000000004d5427 RBX: ffffffff8195d78e RCX: 0000000080000001
[  500.904006][    C1] RDX: 0000000000000001 RSI: ffffffff8ce0bbf9 RDI: ffffffff8b3f57e0
[  500.904018][    C1] RBP: ffffc900001d7f10 R08: ffff8880b8933c5b R09: 1ffff1101712678b
[  500.904029][    C1] R10: dffffc0000000000 R11: ffffed101712678c R12: ffffffff8edb3470
[  500.904042][    C1] R13: 1ffff11003757b58 R14: 0000000000000001 R15: 0000000000000001
[  500.904053][    C1] FS:  0000000000000000(0000) GS:ffff888126def000(0000) knlGS:0000000000000000
[  500.904066][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  500.904078][    C1] CR2: 0000200000e68000 CR3: 000000004108e000 CR4: 00000000003526f0
[  500.904093][    C1] Call Trace:
[  500.904100][    C1]  <TASK>
[  500.904106][    C1]  default_idle+0x13/0x20
[  500.904121][    C1]  default_idle_call+0x73/0xb0
[  500.904139][    C1]  do_idle+0x1be/0x4d0
[  500.904153][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  500.904172][    C1]  ? __pfx_do_idle+0x10/0x10
[  500.904192][    C1]  cpu_startup_entry+0x44/0x60
[  500.904206][    C1]  start_secondary+0x101/0x110
[  500.904222][    C1]  common_startup_64+0x13e/0x147
[  500.904250][    C1]  </TASK>
[  511.682561][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  566.941761][   T38] INFO: task syz.1.623:8192 blocked for more than 187 seconds.
[  566.941790][   T38]       Not tainted syzkaller #0
[  566.941799][   T38]       Blocked by coredump.
[  566.941805][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  566.941814][   T38] task:syz.1.623       state:D stack:24448 pid:8192  tgid:8192  ppid:5798   task_flags:0x40044c flags:0x00080003
[  566.941866][   T38] Call Trace:
[  566.941874][   T38]  <TASK>
[  566.941889][   T38]  __schedule+0x145f/0x5070
[  566.941950][   T38]  ? __pfx___schedule+0x10/0x10
[  566.941994][   T38]  rt_mutex_schedule+0x77/0xf0
[  566.942024][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  566.942083][   T38]  ? rt_mutex_slowlock_block+0x351/0x6d0
[  566.942111][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[  566.942138][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[  566.942163][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  566.942199][   T38]  ? rcu_barrier+0x4c/0x570
[  566.942224][   T38]  ? rcu_barrier+0x4c/0x570
[  566.942250][   T38]  ? rcu_barrier+0x4c/0x570
[  566.942267][   T38]  mutex_lock_nested+0x16a/0x1d0
[  566.942289][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  566.942314][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  566.942337][   T38]  rcu_barrier+0x4c/0x570
[  566.942362][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  566.942384][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  566.942406][   T38]  netdev_run_todo+0x327/0xea0
[  566.942436][   T38]  ? __pfx_netif_state_change+0x10/0x10
[  566.942457][   T38]  ? __pfx_netdev_run_todo+0x10/0x10
[  566.942480][   T38]  ? kasan_quarantine_put+0xbb/0x1f0
[  566.942582][   T38]  ? netdev_state_change+0x1ca/0x220
[  566.942607][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  566.942629][   T38]  tun_chr_close+0x13f/0x1c0
[  566.942653][   T38]  __fput+0x45b/0xa80
[  566.942686][   T38]  task_work_run+0x1d4/0x260
[  566.942715][   T38]  ? __pfx_task_work_run+0x10/0x10
[  566.942741][   T38]  ? do_exit+0x68f/0x22f0
[  566.942766][   T38]  ? do_exit+0x68f/0x22f0
[  566.942795][   T38]  do_exit+0x694/0x22f0
[  566.942823][   T38]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  566.942843][   T38]  ? lockdep_hardirqs_on+0x7b/0x110
[  566.942863][   T38]  ? __pfx_do_exit+0x10/0x10
[  566.942886][   T38]  ? rt_mutex_slowunlock+0x493/0x8a0
[  566.942909][   T38]  ? reacquire_held_locks+0x104/0x190
[  566.942935][   T38]  ? rt_spin_lock+0x1c1/0x3e0
[  566.942971][   T38]  do_group_exit+0x21c/0x2d0
[  566.942996][   T38]  ? rt_spin_unlock+0x161/0x200
[  566.943023][   T38]  get_signal+0x125d/0x1310
[  566.943072][   T38]  arch_do_signal_or_restart+0x9a/0x7a0
[  566.943104][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  566.943152][   T38]  exit_to_user_mode_loop+0x87/0x4e0
[  566.943177][   T38]  ? rcu_is_watching+0x15/0xb0
[  566.943199][   T38]  do_syscall_64+0x2b7/0xf80
[  566.943217][   T38]  ? rcu_is_watching+0x15/0xb0
[  566.943233][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.943254][   T38]  ? clear_bhb_loop+0x60/0xb0
[  566.943277][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.943296][   T38] RIP: 0033:0x7f698c3df749
[  566.943313][   T38] RSP: 002b:00007ffe0bce4f18 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  566.943333][   T38] RAX: 0000000000000000 RBX: 00007f698c637da0 RCX: 00007f698c3df749
[  566.943347][   T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  566.943359][   T38] RBP: 00007f698c637da0 R08: 000000000001b258 R09: 0000001e0bce520f
[  566.943373][   T38] R10: 00007f698c637cb0 R11: 0000000000000246 R12: 000000000004d609
[  566.943386][   T38] R13: 00007f698c636180 R14: ffffffffffffffff R15: 00007ffe0bce5030
[  566.943420][   T38]  </TASK>
[  566.943434][   T38] INFO: task syz.3.676:8395 blocked for more than 187 seconds.
[  566.943447][   T38]       Not tainted syzkaller #0
[  566.943457][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  566.943466][   T38] task:syz.3.676       state:D stack:24952 pid:8395  tgid:8395  ppid:5797   task_flags:0x400040 flags:0x00080003
[  566.943514][   T38] Call Trace:
[  566.943521][   T38]  <TASK>
[  566.943533][   T38]  __schedule+0x145f/0x5070
[  566.943573][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[  566.943610][   T38]  ? __pfx___schedule+0x10/0x10
[  566.943647][   T38]  ? schedule+0x91/0x360
[  566.943677][   T38]  schedule+0x165/0x360
[  566.943705][   T38]  schedule_timeout+0x9a/0x270
[  566.943732][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[  566.943759][   T38]  ? do_raw_spin_lock+0x121/0x290
[  566.943790][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  566.943808][   T38]  ? wait_for_completion+0x267/0x5d0
[  566.943828][   T38]  wait_for_completion+0x2bf/0x5d0
[  566.943846][   T38]  ? lockdep_hardirqs_on+0x7b/0x110
[  566.943876][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[  566.943902][   T38]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  566.943926][   T38]  rcu_barrier+0x463/0x570
[  566.943957][   T38]  kvm_mmu_uninit_vm+0x53/0x90
[  566.943983][   T38]  kvm_arch_destroy_vm+0x23d/0x280
[  566.944010][   T38]  kvm_put_kvm+0x6ca/0xa80
[  566.944048][   T38]  ? __pfx_kvm_vm_release+0x10/0x10
[  566.944071][   T38]  kvm_vm_release+0x46/0x50
[  566.944092][   T38]  __fput+0x45b/0xa80
[  566.944124][   T38]  task_work_run+0x1d4/0x260
[  566.944154][   T38]  ? __pfx_task_work_run+0x10/0x10
[  566.944190][   T38]  exit_to_user_mode_loop+0xef/0x4e0
[  566.944215][   T38]  ? rcu_is_watching+0x15/0xb0
[  566.944236][   T38]  do_syscall_64+0x2b7/0xf80
[  566.944255][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.944273][   T38]  ? trace_irq_disable+0x37/0x100
[  566.944293][   T38]  ? clear_bhb_loop+0x60/0xb0
[  566.944316][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.944335][   T38] RIP: 0033:0x7fca0892f749
[  566.944350][   T38] RSP: 002b:00007ffe23401618 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  566.944370][   T38] RAX: 0000000000000000 RBX: 00007fca08b87da0 RCX: 00007fca0892f749
[  566.944383][   T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  566.944395][   T38] RBP: 00007fca08b87da0 R08: 0000000000000000 R09: 000000142340190f
[  566.944408][   T38] R10: 00007fca08b87cb0 R11: 0000000000000246 R12: 0000000000056a33
[  566.944422][   T38] R13: 00007fca08b86180 R14: ffffffffffffffff R15: 00007ffe23401730
[  566.944455][   T38]  </TASK>
[  566.944463][   T38] INFO: task syz.0.687:8429 blocked for more than 187 seconds.
[  566.944477][   T38]       Not tainted syzkaller #0
[  566.944486][   T38]       Blocked by coredump.
[  566.944493][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  566.944502][   T38] task:syz.0.687       state:D stack:27064 pid:8429  tgid:8428  ppid:5796   task_flags:0x40044c flags:0x00080001
[  566.944551][   T38] Call Trace:
[  566.944557][   T38]  <TASK>
[  566.944569][   T38]  __schedule+0x145f/0x5070
[  566.944609][   T38]  ? try_to_take_rt_mutex+0x840/0xb00
[  566.944647][   T38]  ? __pfx___schedule+0x10/0x10
[  566.944691][   T38]  rt_mutex_schedule+0x77/0xf0
[  566.944718][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  566.944742][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  566.944783][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[  566.944809][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[  566.944834][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  566.944856][   T38]  ? do_raw_spin_lock+0x121/0x290
[  566.944888][   T38]  ? rcu_barrier+0x4c/0x570
[  566.944913][   T38]  ? rcu_barrier+0x4c/0x570
[  566.944938][   T38]  ? rcu_barrier+0x4c/0x570
[  566.944956][   T38]  mutex_lock_nested+0x16a/0x1d0
[  566.944979][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  566.945008][   T38]  rcu_barrier+0x4c/0x570
[  566.945027][   T38]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  566.945052][   T38]  ? rt_write_unlock+0x191/0x230
[  566.945083][   T38]  kvm_mmu_uninit_vm+0x53/0x90
[  566.945108][   T38]  kvm_arch_destroy_vm+0x23d/0x280
[  566.945134][   T38]  kvm_put_kvm+0x6ca/0xa80
[  566.945165][   T38]  ? __pfx_kvm_vm_release+0x10/0x10
[  566.945188][   T38]  kvm_vm_release+0x46/0x50
[  566.945209][   T38]  __fput+0x45b/0xa80
[  566.945241][   T38]  task_work_run+0x1d4/0x260
[  566.945270][   T38]  ? __pfx_task_work_run+0x10/0x10
[  566.945298][   T38]  ? rt_spin_unlock+0x161/0x200
[  566.945328][   T38]  do_exit+0x694/0x22f0
[  566.945356][   T38]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  566.945376][   T38]  ? lockdep_hardirqs_on+0x7b/0x110
[  566.945397][   T38]  ? __pfx_do_exit+0x10/0x10
[  566.945419][   T38]  ? rt_mutex_slowunlock+0x493/0x8a0
[  566.945442][   T38]  ? reacquire_held_locks+0x104/0x190
[  566.945467][   T38]  ? rt_spin_lock+0x1c1/0x3e0
[  566.945507][   T38]  do_group_exit+0x21c/0x2d0
[  566.945533][   T38]  ? rt_spin_unlock+0x161/0x200
[  566.945559][   T38]  get_signal+0x125d/0x1310
[  566.945602][   T38]  arch_do_signal_or_restart+0x9a/0x7a0
[  566.945633][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  566.945658][   T38]  ? kvm_dev_ioctl+0x10f5/0x1600
[  566.945692][   T38]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  566.945724][   T38]  exit_to_user_mode_loop+0x87/0x4e0
[  566.945749][   T38]  ? rcu_is_watching+0x15/0xb0
[  566.945770][   T38]  do_syscall_64+0x2b7/0xf80
[  566.945788][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.945806][   T38]  ? trace_irq_disable+0x37/0x100
[  566.945825][   T38]  ? clear_bhb_loop+0x60/0xb0
[  566.945848][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.945866][   T38] RIP: 0033:0x7f275fdaf749
[  566.945881][   T38] RSP: 002b:00007f275e016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  566.945901][   T38] RAX: 0000000000000004 RBX: 00007f2760005fa0 RCX: 00007f275fdaf749
[  566.945914][   T38] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003
[  566.945927][   T38] RBP: 00007f275fe33f91 R08: 0000000000000000 R09: 0000000000000000
[  566.945939][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  566.945951][   T38] R13: 00007f2760006038 R14: 00007f2760005fa0 R15: 00007ffc9a5bda88
[  566.945984][   T38]  </TASK>
[  566.945993][   T38] INFO: task syz.4.697:8479 blocked for more than 187 seconds.
[  566.946006][   T38]       Not tainted syzkaller #0
[  566.946016][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  566.946024][   T38] task:syz.4.697       state:D stack:24832 pid:8479  tgid:8479  ppid:5803   task_flags:0x400040 flags:0x00080002
[  566.946079][   T38] Call Trace:
[  566.946085][   T38]  <TASK>
[  566.946097][   T38]  __schedule+0x145f/0x5070
[  566.946137][   T38]  ? try_to_take_rt_mutex+0x840/0xb00
[  566.946175][   T38]  ? __pfx___schedule+0x10/0x10
[  566.946219][   T38]  rt_mutex_schedule+0x77/0xf0
[  566.946246][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  566.946270][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  566.946310][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[  566.946337][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[  566.946362][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  566.946383][   T38]  ? do_raw_spin_lock+0x121/0x290
[  566.946415][   T38]  ? rcu_barrier+0x4c/0x570
[  566.946440][   T38]  ? rcu_barrier+0x4c/0x570
[  566.946466][   T38]  ? rcu_barrier+0x4c/0x570
[  566.946483][   T38]  mutex_lock_nested+0x16a/0x1d0
[  566.946505][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  566.946534][   T38]  rcu_barrier+0x4c/0x570
[  566.946554][   T38]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  566.946573][   T38]  ? rt_write_unlock+0x191/0x230
[  566.946604][   T38]  kvm_mmu_uninit_vm+0x53/0x90
[  566.946629][   T38]  kvm_arch_destroy_vm+0x23d/0x280
[  566.946655][   T38]  kvm_put_kvm+0x6ca/0xa80
[  566.946685][   T38]  ? __pfx_kvm_vm_release+0x10/0x10
[  566.946708][   T38]  kvm_vm_release+0x46/0x50
[  566.946729][   T38]  __fput+0x45b/0xa80
[  566.946762][   T38]  task_work_run+0x1d4/0x260
[  566.946791][   T38]  ? __pfx_task_work_run+0x10/0x10
[  566.946828][   T38]  exit_to_user_mode_loop+0xef/0x4e0
[  566.946853][   T38]  ? rcu_is_watching+0x15/0xb0
[  566.946874][   T38]  do_syscall_64+0x2b7/0xf80
[  566.946892][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.946910][   T38]  ? trace_irq_disable+0x37/0x100
[  566.946929][   T38]  ? clear_bhb_loop+0x60/0xb0
[  566.946952][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.946970][   T38] RIP: 0033:0x7f4cc11ff749
[  566.946986][   T38] RSP: 002b:00007ffceac63178 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  566.947004][   T38] RAX: 0000000000000000 RBX: 00007f4cc1457da0 RCX: 00007f4cc11ff749
[  566.947018][   T38] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  566.947030][   T38] RBP: 00007f4cc1457da0 R08: 0000000000000000 R09: 00000008eac6346f
[  566.947048][   T38] R10: 0000000000defbb8 R11: 0000000000000246 R12: 000000000005c6b0
[  566.947061][   T38] R13: 00007f4cc1456090 R14: ffffffffffffffff R15: 00007ffceac63290
[  566.947094][   T38]  </TASK>
[  566.947114][   T38] 
[  566.947114][   T38] Showing all locks held in the system:
[  566.947125][   T38] 3 locks held by kworker/0:0/9:
[  566.947136][   T38] 2 locks held by kworker/0:0H/11:
[  566.947148][   T38] 2 locks held by kworker/u8:1/13:
[  566.947159][   T38] 3 locks held by ktimers/0/16:
[  566.947171][   T38] 4 locks held by rcuc/1/28:
[  566.947183][   T38] 1 lock held by khungtaskd/38:
[  566.947193][   T38]  #0: ffffffff8d5ae940 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  566.947255][   T38] 5 locks held by kworker/u8:3/58:
[  566.947266][   T38] 2 locks held by kworker/u8:4/68:
[  566.947277][   T38]  #0: ffff8881436f7938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[  566.947324][   T38]  #1: ffffc9000153fbc0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[  566.947373][   T38] 2 locks held by kworker/u8:6/171:
[  566.947391][   T38] 3 locks held by kworker/u8:13/1300:
[  566.947402][   T38] 2 locks held by kworker/u8:14/1363:
[  566.947426][   T38] 2 locks held by getty/5563:
[  566.947437][   T38]  #0: ffff88814e7640a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  566.947486][   T38]  #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x44f/0x1460
[  566.947532][   T38] 1 lock held by syz-executor/5795:
[  566.947543][   T38] 1 lock held by syz-executor/5796:
[  566.947554][   T38]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  566.947607][   T38] 3 locks held by kworker/0:9/6007:
[  566.947618][   T38] 2 locks held by kworker/u8:19/6008:
[  566.947630][   T38] 2 locks held by kworker/u8:21/6379:
[  566.947642][   T38] 2 locks held by kworker/u8:22/6979:
[  566.947654][   T38] 1 lock held by syz.1.623/8192:
[  566.947665][   T38]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  566.947708][   T38] 7 locks held by syz-executor/8287:
[  566.947719][   T38]  #0: ffff88803522a480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x217/0xb40
[  566.947771][   T38]  #1: ffff88805bab5c78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  566.947817][   T38]  #2: ffff8881433ff878 (kn->active#53){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  566.947867][   T38]  #3: ffffffff8e12c6b8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: new_device_store+0x12c/0x6f0
[  566.947913][   T38]  #4: ffff888037b840d8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x430
[  566.947958][   T38]  #5: ffff888037b87300 (&devlink->lock_key#6){+.+.}-{4:4}, at: nsim_drv_probe+0xc3/0xbd0
[  566.948009][   T38]  #6: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_dev_lock+0x257/0x2f0
[  566.948064][   T38] 1 lock held by syz.3.676/8395:
[  566.948075][   T38]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  566.948120][   T38] 11 locks held by kworker/u8:25/8426:
[  566.948131][   T38] 1 lock held by syz.0.687/8429:
[  566.948142][   T38]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  566.948187][   T38] 3 locks held by syz-executor/8460:
[  566.948199][   T38] 1 lock held by syz.4.697/8479:
[  566.948209][   T38]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  566.948254][   T38] 2 locks held by syz-executor/8492:
[  566.948264][   T38]  #0: ffffffff8e898760 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  566.948307][   T38]  #1: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[  566.948355][   T38] 4 locks held by syz.2.703/8506:
[  566.948367][   T38] 5 locks held by syz-executor/8504:
[  566.948378][   T38] 
[  566.948383][   T38] =============================================
[  566.948383][   T38] 
[  566.948392][   T38] NMI backtrace for cpu 1
[  566.948405][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  566.948427][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  566.948438][   T38] Call Trace:
[  566.948445][   T38]  <TASK>
[  566.948453][   T38]  dump_stack_lvl+0xe8/0x150
[  566.948479][   T38]  nmi_cpu_backtrace+0x274/0x2d0
[  566.948502][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  566.948529][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  566.948555][   T38]  sys_info+0x135/0x170
[  566.948575][   T38]  watchdog+0xf95/0xfe0
[  566.948599][   T38]  ? watchdog+0x20a/0xfe0
[  566.948627][   T38]  kthread+0x711/0x8a0
[  566.948654][   T38]  ? __pfx_watchdog+0x10/0x10
[  566.948674][   T38]  ? __pfx_kthread+0x10/0x10
[  566.948695][   T38]  ? rt_spin_unlock+0x150/0x200
[  566.948722][   T38]  ? rt_spin_unlock+0x161/0x200
[  566.948743][   T38]  ? __pfx_kthread+0x10/0x10
[  566.948768][   T38]  ret_from_fork+0x510/0xa50
[  566.948791][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  566.948808][   T38]  ? __switch_to+0xc9e/0x1480
[  566.948838][   T38]  ? __pfx_kthread+0x10/0x10
[  566.948863][   T38]  ret_from_fork_asm+0x1a/0x30
[  566.948903][   T38]  </TASK>
[  566.948910][   T38] Sending NMI from CPU 1 to CPUs 0:
[  566.948936][    C0] NMI backtrace for cpu 0
[  566.948950][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  566.948969][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  566.948979][    C0] RIP: 0010:__lock_acquire+0x483/0x2cf0
[  566.949008][    C0] Code: 41 8d 5c 24 01 49 ff cc 89 d9 83 c1 fe 78 40 45 89 e7 41 81 e7 ff ff ff 7f 83 f9 31 73 1d 4b 8d 0c bf 41 8b 8c ce b0 0b 00 00 <31> c1 ff cb 49 ff cc f7 c1 00 60 00 00 74 cf eb 17 48 c7 c7 b0 e2
[  566.949022][    C0] RSP: 0018:ffffc900001569b0 EFLAGS: 00000083
[  566.949036][    C0] RAX: 000000000002000b RBX: 0000000000000003 RCX: 000000000002000b
[  566.949048][    C0] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[  566.949057][    C0] RBP: ffff88801b6de718 R08: ffffffff893c070c R09: ffffffff8d5ae940
[  566.949070][    C0] R10: 0000000000000100 R11: 0000000000000005 R12: 0000000000000001
[  566.949080][    C0] R13: 0000000000000000 R14: ffff88801b6ddac0 R15: 0000000000000001
[  566.949091][    C0] FS:  0000000000000000(0000) GS:ffff888126cef000(0000) knlGS:0000000000000000
[  566.949104][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  566.949115][    C0] CR2: 0000200000000000 CR3: 000000000d3a8000 CR4: 00000000003526f0
[  566.949130][    C0] Call Trace:
[  566.949136][    C0]  <TASK>
[  566.949147][    C0]  ? rcu_is_watching+0x15/0xb0
[  566.949162][    C0]  ? trace_fib_table_lookup+0x85/0x1e0
[  566.949178][    C0]  ? fib_table_lookup+0x11ba/0x16e0
[  566.949201][    C0]  ? rt_is_expired+0x1c/0x2d0
[  566.949221][    C0]  lock_acquire+0x107/0x340
[  566.949240][    C0]  ? rt_is_expired+0x1c/0x2d0
[  566.949260][    C0]  ? __pfx_find_exception+0x10/0x10
[  566.949282][    C0]  ? fib_lookup+0x76/0x440
[  566.949307][    C0]  ? rt_is_expired+0x1c/0x2d0
[  566.949327][    C0]  rt_is_expired+0x38/0x2d0
[  566.949347][    C0]  ? rt_is_expired+0x1c/0x2d0
[  566.949367][    C0]  ip_route_output_key_hash_rcu+0x13bf/0x23e0
[  566.949387][    C0]  ? ip_route_output_key_hash+0xc1/0x280
[  566.949403][    C0]  ip_route_output_key_hash+0x174/0x280
[  566.949419][    C0]  ? __pfx___inet_dev_addr_type+0x10/0x10
[  566.949437][    C0]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  566.949459][    C0]  ip_route_output_flow+0x2a/0x150
[  566.949479][    C0]  ? ip_route_me_harder+0x6ae/0xf10
[  566.949498][    C0]  ip_route_me_harder+0x6c4/0xf10
[  566.949520][    C0]  ? __pfx_ip_route_me_harder+0x10/0x10
[  566.949544][    C0]  ? rcu_is_watching+0x15/0xb0
[  566.949558][    C0]  ? siphash_2u64+0x25/0x2a0
[  566.949577][    C0]  synproxy_send_tcp+0x3a7/0x700
[  566.949601][    C0]  synproxy_send_client_synack+0x8bb/0xe20
[  566.949631][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  566.949652][    C0]  ? nft_log_eval+0x3c8/0xab0
[  566.949672][    C0]  ? synproxy_pernet+0x45/0x270
[  566.949690][    C0]  nft_synproxy_eval_v4+0x36e/0x560
[  566.949709][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  566.949726][    C0]  ? nf_ip_checksum+0x13c/0x510
[  566.949744][    C0]  nft_synproxy_do_eval+0x345/0x570
[  566.949760][    C0]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  566.949777][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  566.949801][    C0]  ? __local_bh_enable_ip+0x1af/0x2c0
[  566.949822][    C0]  nft_do_chain+0x40c/0x1920
[  566.949840][    C0]  ? try_to_take_rt_mutex+0x840/0xb00
[  566.949863][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  566.949877][    C0]  ? try_to_take_rt_mutex+0x840/0xb00
[  566.949902][    C0]  ? try_to_take_rt_mutex+0x840/0xb00
[  566.949932][    C0]  nft_do_chain_inet+0x25d/0x340
[  566.949948][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  566.949968][    C0]  ? NF_HOOK+0x9a/0x3a0
[  566.949986][    C0]  ? NF_HOOK+0x9a/0x3a0
[  566.950004][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  566.950020][    C0]  nf_hook_slow+0xc5/0x220
[  566.950041][    C0]  NF_HOOK+0x206/0x3a0
[  566.950060][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  566.950079][    C0]  ? NF_HOOK+0x9a/0x3a0
[  566.950097][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  566.950113][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[  566.950133][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  566.950153][    C0]  ? skb_dst+0x4f/0xd0
[  566.950171][    C0]  ? ip_local_deliver+0x12a/0x1b0
[  566.950190][    C0]  NF_HOOK+0x30c/0x3a0
[  566.950208][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  566.950226][    C0]  ? NF_HOOK+0x9a/0x3a0
[  566.950243][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  566.950262][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  566.950284][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  566.950300][    C0]  __netif_receive_skb+0x143/0x380
[  566.950318][    C0]  ? process_backlog+0x272/0x8f0
[  566.950334][    C0]  process_backlog+0x315/0x8f0
[  566.950354][    C0]  __napi_poll+0xae/0x520
[  566.950370][    C0]  net_rx_action+0x64a/0xdb0
[  566.950392][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  566.950414][    C0]  ? rt_spin_unlock+0x150/0x200
[  566.950436][    C0]  handle_softirqs+0x1df/0x650
[  566.950456][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  566.950474][    C0]  run_ktimerd+0x69/0x100
[  566.950492][    C0]  smpboot_thread_fn+0x542/0xa60
[  566.950509][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  566.950530][    C0]  kthread+0x711/0x8a0
[  566.950551][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  566.950568][    C0]  ? __pfx_kthread+0x10/0x10
[  566.950586][    C0]  ? rt_spin_unlock+0x150/0x200
[  566.950606][    C0]  ? rt_spin_unlock+0x161/0x200
[  566.950644][    C0]  ? __pfx_kthread+0x10/0x10
[  566.950663][    C0]  ret_from_fork+0x510/0xa50
[  566.950680][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  566.950695][    C0]  ? __switch_to+0xc9e/0x1480
[  566.950717][    C0]  ? __pfx_kthread+0x10/0x10
[  566.950736][    C0]  ret_from_fork_asm+0x1a/0x30
[  566.950762][    C0]  </TASK>
[  685.774148][  T171] ------------[ cut here ]------------
[  685.774172][  T171] WARNING: io_uring/io_uring.c:3026 at io_ring_exit_work+0x48b/0x8d0, CPU#1: kworker/u8:6/171
[  685.774219][  T171] Modules linked in:
[  685.774243][  T171] CPU: 1 UID: 0 PID: 171 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  685.774294][  T171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  685.774319][  T171] Workqueue: iou_exit io_ring_exit_work
[  685.774344][  T171] RIP: 0010:io_ring_exit_work+0x48b/0x8d0
[  685.774370][  T171] Code: c6 05 49 d9 9a 0d 01 48 c7 c7 00 47 3e 8b be 25 00 00 00 48 c7 c2 e0 44 3e 8b e8 40 48 72 00 e9 7b fe ff ff e8 86 2a 95 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 50 e9 5f ff ff ff 44 89 e1 80
[  685.774387][  T171] RSP: 0018:ffffc90003b278e0 EFLAGS: 00010293
[  685.774402][  T171] RAX: ffffffff812a7f9a RBX: 0000000100009601 RCX: ffff88801df85ac0
[  685.774417][  T171] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  685.774429][  T171] RBP: ffffc90003b27a70 R08: 0000000000000000 R09: 0000000000000000
[  685.774442][  T171] R10: dffffc0000000000 R11: fffffbfff1db668f R12: 0000000100009297
[  685.774456][  T171] R13: ffff888065728350 R14: ffff888065728540 R15: dffffc0000000000
[  685.774471][  T171] FS:  0000000000000000(0000) GS:ffff888126def000(0000) knlGS:0000000000000000
[  685.774487][  T171] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  685.774500][  T171] CR2: 0000200000e68000 CR3: 000000004108e000 CR4: 00000000003526f0
[  685.774517][  T171] Call Trace:
[  685.774526][  T171]  <TASK>
[  685.774551][  T171]  ? __pfx_io_ring_exit_work+0x10/0x10
[  685.774595][  T171]  ? process_scheduled_works+0x9ef/0x1770
[  685.774616][  T171]  ? process_scheduled_works+0x9ef/0x1770
[  685.774639][  T171]  process_scheduled_works+0xad1/0x1770
[  685.774712][  T171]  ? __pfx_process_scheduled_works+0x10/0x10
[  685.774731][  T171]  ? do_raw_spin_lock+0x121/0x290
[  685.774770][  T171]  worker_thread+0x8a0/0xda0
[  685.774818][  T171]  kthread+0x711/0x8a0
[  685.774847][  T171]  ? __pfx_worker_thread+0x10/0x10
[  685.774867][  T171]  ? __pfx_kthread+0x10/0x10
[  685.774888][  T171]  ? rt_spin_unlock+0x150/0x200
[  685.774918][  T171]  ? rt_spin_unlock+0x161/0x200
[  685.774939][  T171]  ? __pfx_kthread+0x10/0x10
[  685.774971][  T171]  ret_from_fork+0x510/0xa50
[  685.774995][  T171]  ? __pfx_ret_from_fork+0x10/0x10
[  685.775013][  T171]  ? __switch_to+0xc9e/0x1480
[  685.775044][  T171]  ? __pfx_kthread+0x10/0x10
[  685.775070][  T171]  ret_from_fork_asm+0x1a/0x30
[  685.775113][  T171]  </TASK>
[  685.775132][  T171] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  685.775146][  T171] CPU: 1 UID: 0 PID: 171 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  685.775168][  T171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  685.775180][  T171] Workqueue: iou_exit io_ring_exit_work
[  685.775204][  T171] Call Trace:
[  685.775212][  T171]  <TASK>
[  685.775219][  T171]  vpanic+0x1e0/0x670
[  685.775247][  T171]  panic+0xb9/0xc0
[  685.775270][  T171]  ? __pfx_panic+0x10/0x10
[  685.775304][  T171]  ? ret_from_fork_asm+0x1a/0x30
[  685.775335][  T171]  __warn+0x317/0x4b0
[  685.775357][  T171]  ? io_ring_exit_work+0x48b/0x8d0
[  685.775384][  T171]  ? io_ring_exit_work+0x48b/0x8d0
[  685.775409][  T171]  __report_bug+0x288/0x500
[  685.775437][  T171]  ? __lock_acquire+0x6b6/0x2cf0
[  685.775458][  T171]  ? io_ring_exit_work+0x48b/0x8d0
[  685.775494][  T171]  ? __pfx___report_bug+0x10/0x10
[  685.775528][  T171]  ? do_raw_spin_lock+0x121/0x290
[  685.775557][  T171]  ? io_ring_exit_work+0x48b/0x8d0
[  685.775581][  T171]  report_bug+0x16a/0x220
[  685.775607][  T171]  ? io_ring_exit_work+0x48b/0x8d0
[  685.775630][  T171]  ? io_ring_exit_work+0x48d/0x8d0
[  685.775654][  T171]  handle_bug+0x98/0x200
[  685.775676][  T171]  exc_invalid_op+0x1a/0x50
[  685.775697][  T171]  asm_exc_invalid_op+0x1a/0x20
[  685.775714][  T171] RIP: 0010:io_ring_exit_work+0x48b/0x8d0
[  685.775738][  T171] Code: c6 05 49 d9 9a 0d 01 48 c7 c7 00 47 3e 8b be 25 00 00 00 48 c7 c2 e0 44 3e 8b e8 40 48 72 00 e9 7b fe ff ff e8 86 2a 95 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 50 e9 5f ff ff ff 44 89 e1 80
[  685.775754][  T171] RSP: 0018:ffffc90003b278e0 EFLAGS: 00010293
[  685.775770][  T171] RAX: ffffffff812a7f9a RBX: 0000000100009601 RCX: ffff88801df85ac0
[  685.775785][  T171] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  685.775797][  T171] RBP: ffffc90003b27a70 R08: 0000000000000000 R09: 0000000000000000
[  685.775809][  T171] R10: dffffc0000000000 R11: fffffbfff1db668f R12: 0000000100009297
[  685.775823][  T171] R13: ffff888065728350 R14: ffff888065728540 R15: dffffc0000000000
[  685.775846][  T171]  ? io_ring_exit_work+0x48a/0x8d0
[  685.775891][  T171]  ? __pfx_io_ring_exit_work+0x10/0x10
[  685.775934][  T171]  ? process_scheduled_works+0x9ef/0x1770
[  685.775954][  T171]  ? process_scheduled_works+0x9ef/0x1770
[  685.775983][  T171]  process_scheduled_works+0xad1/0x1770
[  685.776033][  T171]  ? __pfx_process_scheduled_works+0x10/0x10
[  685.776052][  T171]  ? do_raw_spin_lock+0x121/0x290
[  685.776089][  T171]  worker_thread+0x8a0/0xda0
[  685.776136][  T171]  kthread+0x711/0x8a0
[  685.776164][  T171]  ? __pfx_worker_thread+0x10/0x10
[  685.776185][  T171]  ? __pfx_kthread+0x10/0x10
[  685.776206][  T171]  ? rt_spin_unlock+0x150/0x200
[  685.776234][  T171]  ? rt_spin_unlock+0x161/0x200
[  685.776255][  T171]  ? __pfx_kthread+0x10/0x10
[  685.776281][  T171]  ret_from_fork+0x510/0xa50
[  685.776304][  T171]  ? __pfx_ret_from_fork+0x10/0x10
[  685.776322][  T171]  ? __switch_to+0xc9e/0x1480
[  685.776353][  T171]  ? __pfx_kthread+0x10/0x10
[  685.776378][  T171]  ret_from_fork_asm+0x1a/0x30
[  685.776421][  T171]  </TASK>
[  685.776843][  T171] Kernel Offset: disabled